As an update to our April 8, 2019 post, please be advised that the “Silent Librarian” hacking group has been linked to a recent phishing campaign primarily targeting universities around the globe, with the intent to steal credentials and intellectual property. A phishing message in this campaign (shown below) states that due to inactivity, your account is about to expire, and requests reactivation via an embedded link that you can either click or copy/paste into a web browser. The link will take you to a spoofed site, which is designed to steal credentials.
For information on how to preview URLs (preview the link destination before you click), please see the following NYU KnowledgeBase article, Security Education: Previewing URLs. Please be reminded that clicking embedded links or opening unexpected attachments, even from supposedly known sources, is not recommended. Instead, visit sites by typing trusted URLs into the browser’s address bar, and confirm the legitimacy of any unexpected attachments via a phone call to a trusted phone number.
Image source: Proofpoint