08/16 Phishing alert! Subject: “Benefits”


The UW-Madison Office of Cybersecurity is aware of an active phishing campaign on campus in which the attacker offers to “provide $2,300 in relief to eligible employees experiencing financial hardship.” See screenshot:

NOTE: The last reported phishing email like this example was sent on August 16, but such attacks can happen at any time. Please be on the lookout.

How can I identify this phishing attempt?

  • The first paragraph contains a spelling/grammatical error: “support all students and staff to get through these difficult times”.
  • The hypertext “WSC COVID-19 Benefits” contains a misspelling (WSC instead of WISC) and links to a non-UW URL cabanova.com.

Always scroll each hyperlink

The most important habit to adopt to protect yourself from phishing attempts is to always scroll through each hyperlink, whether word or URL, to see what web address the link actually goes to. When you scroll through a hyperlink, its destination URL is displayed as a tooltip.

What should I do if I receive this phishing attempt?

Use the option in Outlook to “Report Phish” and it will be removed from your inbox. For more details, see Office 365 – Submit a message as spam/phishing (Source: KB 45051).

What should I do if I accidentally clicked on one of the fake portal links?

Immediately change your NetID password by following the instructions in NetID: changing a password (Source: KB 20589).

Additionally, the Cybersecurity Office recommends the following if you submitted information after clicking:

  • Report stolen credit card information to the appropriate banking institution.
  • Report identity theft to your local PD and the Federal Trade Commission’s voldidentite.gov website.

How can I learn to recognize other phishing attempts?

Go to Learn to recognize and report phishing (Source: it.wisc.edu).

Stay up to date on phishing attempts by visiting our Scam Alerts page (Source: it.wisc.edu).

If you’re ever unsure whether an email message is legitimate, don’t respond to it. Contact the DoIT Helpdesk (608.264.4357) for guidance. The UW-Madison Office of Cybersecurity will then block the criminal element from sending further emails and gather evidence for a possible prosecution of the crime.


Comments are closed.