<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">
<br class="">
<div><br class="">
<div class="">Begin forwarded message:</div>
<br class="Apple-interchange-newline">
<div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;" class="">
<span style="font-family: -webkit-system-font, Helvetica Neue, Helvetica, sans-serif; color:rgba(0, 0, 0, 1.0);" class=""><b class="">From:
</b></span><span style="font-family: -webkit-system-font, Helvetica Neue, Helvetica, sans-serif;" class="">Margaret Cabral <<a href="mailto:mcabral1@mit.edu" class="">mcabral1@mit.edu</a>><br class="">
</span></div>
<div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;" class="">
<span style="font-family: -webkit-system-font, Helvetica Neue, Helvetica, sans-serif; color:rgba(0, 0, 0, 1.0);" class=""><b class="">Subject:
</b></span><span style="font-family: -webkit-system-font, Helvetica Neue, Helvetica, sans-serif;" class=""><b class="">[Biofac] Fwd: Warning: "Incoming emails delayed" Phishing scam</b><br class="">
</span></div>
<div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;" class="">
<span style="font-family: -webkit-system-font, Helvetica Neue, Helvetica, sans-serif; color:rgba(0, 0, 0, 1.0);" class=""><b class="">Date:
</b></span><span style="font-family: -webkit-system-font, Helvetica Neue, Helvetica, sans-serif;" class="">February 6, 2020 at 1:10:43 PM EST<br class="">
</span></div>
<div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;" class="">
<span style="font-family: -webkit-system-font, Helvetica Neue, Helvetica, sans-serif; color:rgba(0, 0, 0, 1.0);" class=""><b class="">To:
</b></span><span style="font-family: -webkit-system-font, Helvetica Neue, Helvetica, sans-serif;" class="">bio68 <<a href="mailto:bio68@mit.edu" class="">bio68@mit.edu</a>>, biofac <<a href="mailto:biofac@mit.edu" class="">biofac@mit.edu</a>>, bio68staff <<a href="mailto:bio68staff@mit.edu" class="">bio68staff@mit.edu</a>><br class="">
</span></div>
<br class="">
<div class="">
<div style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">
<i class="">Dear Biology Community,</i>
<div class=""><i class=""><br class="">
</i></div>
<div class=""><i class="">Please read the email below regarding a new phishing scam that is occurring on campus. </i></div>
<div class=""><i class=""><br class="">
</i></div>
<div class=""><i class="">Thanks,</i></div>
<div class=""><i class=""><br class="">
</i></div>
<div class=""><i class="">Maggie</i></div>
<div class=""><br class="">
</div>
<div class="">
<div class=""><span class="" style="font-size: 9px;"><i class="">Maggie Cabral<br class="">
MIT Biology HQ, 68-132<br class="">
ph: 617-452-3683</i></span><br class="">
</div>
<div class=""></div>
</div>
<div class="">
<div class="">
<div class="">
<div class="">
<div style="caret-color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none;" class="">
<div dir="ltr" class=""><br class="">
</div>
<div class="">
<div dir="ltr" class=""><b class="">From:</b><span class="Apple-converted-space"> </span>Jessica Murray <<a href="mailto:jlmurray@mit.edu" style="color: rgb(149, 79, 114); text-decoration: underline;" class="">jlmurray@mit.edu</a>><br class="">
<b class="">Date:</b><span class="Apple-converted-space"> </span>February 6, 2020 at 12:37:09 PM EST<br class="">
<b class="">To:</b><span class="Apple-converted-space"> </span>itpartners <<a href="mailto:itpartners@mit.edu" style="color: rgb(149, 79, 114); text-decoration: underline;" class="">itpartners@mit.edu</a>>, ist-security-fyi <<a href="mailto:ist-security-fyi@mit.edu" style="color: rgb(149, 79, 114); text-decoration: underline;" class="">ist-security-fyi@mit.edu</a>>,
security_sig <<a href="mailto:security_sig@mit.edu" style="color: rgb(149, 79, 114); text-decoration: underline;" class="">security_sig@mit.edu</a>><br class="">
<b class="">Subject:</b><span class="Apple-converted-space"> </span><b class="">Warning: "Incoming emails delayed" Phishing scam</b><br class="">
<br class="">
</div>
</div>
<div class="">
<div dir="ltr" class="">
<div class="WordSection1" style="page: WordSection1;">
<div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: Calibri, sans-serif;" class="">
<span style="" class="">Please alert staff in your department, lab or center about the phishing emails with subjects like “Incoming emails delayed…” “Missed Call” that look like they are coming from the MIT email server. The Security Team in Information Systems
and Technology (IS&T) has received several reports about it.<o:p class=""></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: Calibri, sans-serif; font-variant-caps: normal; text-align: start; -webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); word-spacing: 0px;" class="">
<span style="" class=""> <o:p class=""></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: Calibri, sans-serif; font-variant-caps: normal; text-align: start; -webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); word-spacing: 0px;" class="">
<b class=""><span style="" class="">How it works</span></b><span style="" class=""><o:p class=""></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: Calibri, sans-serif; font-variant-caps: normal; text-align: start; -webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); word-spacing: 0px;" class="">
<span style="" class=""> <o:p class=""></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: Calibri, sans-serif; font-variant-caps: normal; text-align: start; -webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); word-spacing: 0px;" class="">
<span style="" class="">The email appears to be from MIT (with the display name of Massachusetts Institute of Technology) and many of these emails are coming from compromised MIT accounts. The message says you have some delayed email or are missing some messages
and includes a link to “Recover Delayed Messages.” This link will bring you to a fake<span class="Apple-converted-space"> </span><a href="http://outlook.com/" style="color: rgb(149, 79, 114); text-decoration: underline;" class="">Outlook.com</a><span class="Apple-converted-space"> </span>login
page. If MIT credentials are entered into this page, they will be copied by the attacker. The page then redirects to a legitimate email login page (either O365 or OWA). If the user is already logged in, the email is displayed. If you are not logged in, you
will see a login page and likely assume you mistyped your password.<o:p class=""></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: Calibri, sans-serif; font-variant-caps: normal; text-align: start; -webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); word-spacing: 0px;" class="">
<span style="" class=""> <o:p class=""></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: Calibri, sans-serif; font-variant-caps: normal; text-align: start; -webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); word-spacing: 0px;" class="">
<a href="https://www.flickr.com/photos/ist_atmit/49493605087/in/album-72157674839514551/" style="color: rgb(149, 79, 114); text-decoration: underline;" class=""><span style="text-decoration: none;" class=""><image001.jpg></span></a><span style="" class=""><o:p class=""></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: Calibri, sans-serif;" class="">
<span style="" class=""> <o:p class=""></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: Calibri, sans-serif; font-variant-caps: normal; text-align: start; -webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); word-spacing: 0px;" class="">
<b class=""><span style="" class="">Advising staff</span></b><span style="" class=""><o:p class=""></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: Calibri, sans-serif; font-variant-caps: normal; text-align: start; -webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); word-spacing: 0px;" class="">
<span style="" class=""> <o:p class=""></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: Calibri, sans-serif; font-variant-caps: normal; text-align: start; -webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); word-spacing: 0px;" class="">
<span style="" class="">Please caution your staff not to fall for this kind of fake request. If they have clicked on the fake login page and submitted their Kerberos password, they should change their password immediately. The IS&T Service Desk can help recover
from a phishing attack.<o:p class=""></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: Calibri, sans-serif; caret-color: rgb(0, 0, 0); font-variant-caps: normal; text-align: start; -webkit-text-stroke-width: 0px; word-spacing: 0px;" class="">
<span style="" class=""> <o:p class=""></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: Calibri, sans-serif; caret-color: rgb(0, 0, 0); font-variant-caps: normal; text-align: start; -webkit-text-stroke-width: 0px; word-spacing: 0px;" class="">
<span style="" class="">Encourage your staff to read up on </span><u class=""><span style="color: rgb(149, 79, 114);" class=""><a href="https://kb.mit.edu/confluence/display/istcontrib/Common+Email+Scams" target="_blank" style="color: rgb(149, 79, 114); text-decoration: underline;" class=""><span style="color: rgb(149, 79, 114);" class="">common
email scams</span><span style="color: rgb(149, 79, 114); text-decoration: none;" class=""> </span></a></span></u><span style="" class="">in the Knowledge Base and to watch the quick<span class="apple-converted-space"> </span></span><span class="MsoHyperlink" style="color: rgb(5, 99, 193); text-decoration: underline;"><span style="color: rgb(5, 99, 193);" class=""><a href="https://youtu.be/ZkVr0GLSjE0" style="color: rgb(149, 79, 114); text-decoration: underline;" class=""><span style="color: rgb(149, 79, 114);" class="">“Beware
of Phishy Emails!” video</span></a></span></span><span class="apple-converted-space"><span style="" class=""> </span></span><span style="" class="">for tips on how to combat<span class="apple-converted-space"> </span>phishing. There are also Security Awareness
courses available in the Atlas Learning Center.<o:p class=""></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: Calibri, sans-serif; font-variant-caps: normal; text-align: start; -webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); word-spacing: 0px;" class="">
<span style="" class=""> <o:p class=""></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: Calibri, sans-serif; font-variant-caps: normal; text-align: start; -webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); word-spacing: 0px;" class="">
<span style="" class="">Please continue to report phishing emails like this to </span><u class=""><span style="color: rgb(149, 79, 114);" class=""><a href="mailto:phishing@mit.edu" style="color: rgb(149, 79, 114); text-decoration: underline;" class=""><span style="color: rgb(149, 79, 114);" class="">phishing@mit.edu</span></a></span></u><span style="" class="">.
The best way to send us the information that we need is to<span class="apple-converted-space"> </span></span><span class="MsoHyperlink" style="color: rgb(5, 99, 193); text-decoration: underline;"><span style="color: rgb(5, 99, 193);" class=""><a href="http://kb.mit.edu/confluence/x/dR6ACQ" style="color: rgb(149, 79, 114); text-decoration: underline;" class=""><span style="color: rgb(149, 79, 114);" class="">forward
the email as an attachment.</span></a></span></span><span class="apple-converted-space"><span style="" class=""> </span></span><span style="" class="">If your staff receives an email they aren’t sure about, or believe an account was compromised, they can always
contact </span><u class=""><span style="color: rgb(149, 79, 114);" class=""><a href="mailto:security@mit.edu" style="color: rgb(149, 79, 114); text-decoration: underline;" class=""><span style="color: rgb(149, 79, 114);" class="">security@mit.edu</span></a></span></u><span style="" class="">.<o:p class=""></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: Calibri, sans-serif; font-variant-caps: normal; text-align: start; -webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); word-spacing: 0px;" class="">
<span style="" class=""> <o:p class=""></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: Calibri, sans-serif; font-variant-caps: normal; text-align: start; -webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); word-spacing: 0px;" class="">
<span style="" class="">Thank you for your help in raising awareness about this scam.<o:p class=""></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: Calibri, sans-serif; font-variant-caps: normal; text-align: start; -webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); word-spacing: 0px;" class="">
<span style="" class=""> <o:p class=""></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: Calibri, sans-serif; font-variant-caps: normal; text-align: start; -webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); word-spacing: 0px;" class="">
<span style="" class="">Sincerely,<o:p class=""></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: Calibri, sans-serif; font-variant-caps: normal; text-align: start; -webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); word-spacing: 0px;" class="">
<span style="" class=""> <o:p class=""></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: Calibri, sans-serif; font-variant-caps: normal; text-align: start; -webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); word-spacing: 0px;" class="">
<span style="" class="">Jessica Murray<o:p class=""></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: Calibri, sans-serif; font-variant-caps: normal; text-align: start; -webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); word-spacing: 0px;" class="">
<span style="" class="">Information Security Officer<o:p class=""></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: Calibri, sans-serif; font-variant-caps: normal; text-align: start; -webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); word-spacing: 0px;" class="">
<span style="" class="">Information Systems and Technology<o:p class=""></o:p></span></div>
<div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: Calibri, sans-serif; font-variant-caps: normal; text-align: start; -webkit-text-stroke-width: 0px; caret-color: rgb(0, 0, 0); word-spacing: 0px;" class="">
<span style="" class="">MIT</span></div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<br class="">
</div>
</div>
</div>
</div>
<br class="">
</body>
</html>