IT attack aimed at LiU
(Updated 2022-01-27 15:02)
An email was sent on 25 January instructing the recipient to follow a link because of a login from an unknown device. This is a phishing attempt, and it should be reported according to the spam routine.
Be on the lookout for emails that directly or indirectly request your login credentials, even if they’re sent from within LiU.
If you believe that you have clicked on the link, change your password immediately on the “My accounts” page at minit.liu.se.
The IT Division will reset the password for about 200 users who clicked the link and visited the website on the afternoon of 25 January. Students who need to reactivate their account can contact the Info Centre for assistance.
If you have fallen for the phishing and use the same password for other services, we strongly recommend that you change your password at those services as well. There is a large risk that those who have obtained your password will test it for login to other services.
At LiU, a security feature called Safelinks is active, which can give a warning if a link leads you to an insecure page. Make it a habit not to click on suspicious links and do not visit unsafe pages if you receive a warning. See more information about IT security.
Update 2022-01-26 at 14:20
Different variants of phishing emails have been sent out from LiU accounts today. Stay alert and be on the lookout for this kind of email.
Update 2022-01-27 at 15:00
Work on preventing phishing has continued this week. Up to 10,000 LiU-internal emails have been stopped pre-delivery by the IT Incident Response Team. Several other kinds of emails have, however, got through. The Helpdesk and Info Centre can help to reactivate accounts that have been blocked for security reasons after their users clicked on these links.
The possibility for LiU students to use two-step verification with their LiU accounts is currently being investigated. With two-step verification, students will be able to confirm their login attempts and prevent unauthorised login attempts. More information will be given via student news soon.
General advice from the IT Incident Response Team concerning phishing:
- Slow down! Fraudsters often try to trick you into thinking that something is urgent.
- Check the sender’s email address. If you can’t see the address in, for example, your mobile app, take a look at the email in webmail. Is the sender somebody you’re normally in contact with? Does it seem reasonable that this sender is sending this kind of information?
- Check with someone else to see if they think the email is genuine. If anything seems fishy, then there’s probably something wrong. Don’t take chances!
Last updated: 2022-01-27