Sophisticated phishing email sent out this week; find out what to do if you clicked and how to recognize future attempts

Many users have received a sophisticated phishing email that imitates the Case Western Reserve University brand and includes official-looking but fraudulent imitations of the university’s webmail address. Clicking the links will lead to a fraudulent single sign-on page hosted on a non-CWRU Web server.

If you received this email, do not click the links or attempt to sign in to the fraudulent page. Doing so can put your network account, and the information it contains, at risk. If you have clicked the links or attempted to log in to the fraudulent page, please contact the ITS Service Desk at 216.368.HELP (4357) as soon as possible. Information Technology Services (ITS) is monitoring the situation.

Phishing is the fraudulent process of attempting to acquire sensitive information, such as usernames, passwords, or credit card details by masquerading as a trustworthy entity in an electronic communication.

Learn to recognize fraudulent email and avoid handing your password to criminals. Before clicking ANY link, hover (but don’t click) your pointer over the link to reveal its real Web address. Depending on your browser, it may appear as a pop-up near your mouse pointer or at the lower left corner of your browser window. If the URL that appears is different than the URL indicated in the email, it is likely an attempt to phish. If you already have clicked the link, check your browser’s address bar to verify that the page you are on matches the text of the link you clicked.

If you have questions about the legitimacy of email that appears to be sent to you by a CWRU entity, forward it to help@case.edu with a request for assistance.