Phishing attempt using PDF files
Several emails have been distributed from compromised accounts with links to download pages that contain PDF documents. These documents in turn contain a link to a page that has an appearance similar to a login page at LiU, albeit simplified. The link to the fake login page contains “fsliu” in order to increase its credibility. The correct link shown when logging in to authentic LiU pages starts with “fs.liu.se” or “login.liu.se”.
This attempt is reasonably easy to identify as phishing, but it does mean that LiU is currently in focus for an actor who is trying to gain access to login data. Take extra care when dealing with email or other correspondence that arouses suspicion, and be particularly careful when inputting login data.
Useful info from the Incident Response Team:
- Relax! A fraudster will want to give the impression that things must happen quickly.
- Check the email address of the sender. If you can’t see this in a mobile app, use the webmail interface to read email.
- Ask a colleague whether the email appears genuine or not. If it seems a bit off, it usually is. Don’t take any risks!
Last updated: 2021-10-19