Fraudulent emails about campus security emergency

June 6, 2018: The following information was sent via email to the IT Security Community and Frontline Notify groups on June 6, 2018. It draws attention to recent fraudulent emails as a reminder to beware of phishing attempts and to review the tips for protecting yourself.

For official information about U-M emergency alerts, see Division of Public Safety & Security Emergency Alerts. Check there to verify the legitimacy of an emergency alert at the university.

We have seen a flurry of fraudulent emails at U-M in recent days with subject lines like these:

  • A Police Security Emergency
  • UMICH INFO: Campus Emergency Announcement
  • BREAKING: Emergency Situation on Campus
  • BREAKING: Campus Security Emergency
  • Security Notification Concern on Campus
  • UMICH ALERT: Emergency Situation on Campus

The emails include a link for further information about the supposed emergency. If the recipient clicks the link in the message, they are directed to a fake Weblogin page. If they provide their uniqname and password, it is stolen.

Information Assurance (IA) is aware of the emails. We are blocking the fake Weblogin sites as we discover them.

This scam presents an opportunity to once again share with users in your units these tips for protecting yourself from these and other fraudulent emails:

  • Look carefully at all links in emails before clicking. If you aren't sure a link is legitimate and safe, don't click.
  • If the URL doesn't look right, don't click it! The URL in the recent emails, for example, is clearly not a U-M web address.
  • Look before you log in. It is common for attackers to set up fake login sites. Always check the URL before providing your password.
  • Check the phishing alerts on Safe Computing. IA staff members post phishing and other malicious emails reported to them by members of the U-M community. Check to see if the email you received is posted there.
  • Hover over links in emails with your mouse to see the actual destination. Most email programs show the URL in the bottom left corner of the window when you hover over a link. Check whether the URL matches the link in message text. If the message claims to be about the university, look to see if the URL looks like other university URLs you are familiar with.
  • Double check. If you are suspicious of a link or attachment, don't click. Check with the sender by phone or in person to see if they actually sent the message.
  • Learn more about fraudulent emails at Phishing & Suspicious Email.