Security Alert! Two New Phishing Scams Target UMass Amherst Community - Mon., 1/29

thowe | Mon Jan 29, 2018

On January 29, 2018, two new fraudulent phishing messages began targeting UMass Amherst email users.

The first message has the subject "You have a Faculty Message from Nair Remya." The email appears to have been sent by "Nair, Remya <rnair@wustl.edu>" and contains the message "You have a Faculty E-Learning message notification file from Nair Remya" and includes a link titled "SIGN IN HERE." The link in the message directs the user to a fraudulent version of the Umail on the Web login page.

The second message has the subject "Response required on your account with us." The email appears to have been sent by "Bank of America<job@totomoni.com>" and contains the message "We're sorry – Update your access to Bank of America because of recent activity on your account" and includes a link titled "Click Here . To Update Your Account." The link in the message directs the user to a fraudulent version of the Bank of America login page.

Caution: These emails did not come from the University of Massachusetts. They are phishing scams designed to trick you into providing your NetID password, which can then be used to access your personal information and/or UMass information technology services for fraudulent purposes.

Do not respond to the fraudulent message or click the link! Responding or clicking the link in the message may put your information and the university's information and systems at risk.

If you have already responded to the message, change your IT Account password in SPIRE immediately.

For more information about this phishing scam or to learn more about what you can do to protect yourself, see the News section of the UMass Amherst IT website. Please report suspicious messages to itprotect@umass.edu.

When receiving suspicious messages or messages from unknown senders, we recommend that you:

  • Verify the identity of anyone who requests your personal information. Never provide financial data or other personal information in response to an email or on an untrusted site or form.
  • Report these messages to itprotect@umass.edu.

Phishing messages:

Message 1:
Image of the first phishing email.

Fraudulent login page linked to in message 1:
Image of the fake Umail login page. The URL is blurred out, but the address was not a trusted UMass web address.

Message 2:
Image of phishing email message 2, pretending to be from Bank of America.

Fraudulent login page linked to in message 2:
Image of the fraudulent Bank of America login page linked to in the second phishing message. The web address is blurred out here, but it was not a trustworthy web address: it was a long string of letters and numbers.