Hello [recipient name]
I hope this message finds you well.
We’re reaching out to inform you of a recent health development: a staff member who may have been in your vicinity has recently returned from international travel and tested positive for a newly identified COVID-19 variant.
While our community remains largely vaccinated, this particular variant has led us to implement enhanced precautionary measures. As such, we kindly ask that you review your recent interactions to assess any potential close contact.
You can do this by logging into the Staff Interaction Portal [hyperlink leads to fake U-M login screen] using your credentials to review your recent contact records.
If you believe you may have had contact with the individual, please reach out to us promptly. Otherwise, no action is necessary, and you may disregard this message.
We appreciate your discretion in keeping this information confidential to avoid unnecessary concern within the community.
Thank you for your understanding and cooperation. Should you have any questions or need further assistance, please don’t hesitate to get in touch.
Warm regards,
Dr. [redacted name]
Health Care Center
University of Michigan
1109 Geddes Ave | Ann Arbor, MI 48109
734-845-3211 | 
734-845-2345
[email protected]
Note: The hyperlink in the email message leads to a fake U-M Weblogin screen designed to induce the recipient to provide their login and password, followed by a prompt to authenticate using Duo.
For more information about related phishing scams, see the IA Security Notice: Be aware of sophisticated phishing attacks that target Duo two-factor authentication. To learn how to spot a fake login screen and what to do if you entered your credentials, see Look Before You Log In. See also Login Theft Scams.
