Recent Phishing Message

Leila Sharma

Please be advised of the following phishing message:

Screenshot of an email dated 10/20/16 purporting to be from a sender at utoronto.ca with the following text "Hi Dear (name blocked out) I recently read your last article and it was very useful in my field of research. I wonder, if possible, to send me these articles to use in my current research: (two links follow). Thanks for your Cooperation in Advance." signed "Dr. Peter Landry, Toronto University, Department of Management, phone 905 569 5787z'.

Please be reminded of the importance of hovering over each link in an email message and confirming where a link will direct you before clicking it. Although the first link in this message appears as: https://shibboleth.nyu.edu/idp/profile/SAML2/Redirect/SSO;jsessionid=a14tjdxg5d4av4qfd9m4o1cf?execution=e1s1
and has known and familiar elements, it is spoofed. When you hover over the link (in the received message), what displays is: http://shibboleth.nyu.edue.in/idp/profile/SAML2/Redirect/Loginpage.php?
Please note that what you are looking for is https://shibboleth.nyu.edu and other variants indicate a malicious link.

If you received this message, and clicked the first embedded link, and entered your credentials at the spoofed login prompt, please take the following steps:

  • Immediately reset your password. Please see Changing your NetID/NYUHome password for  instructions.
  • For NYU employees, please confirm your Direct Deposit information in PeopleSync (Workday).