document iconmyCSUSM
cougar courses logoCOUGAR COURSES
email iconEMAIL
email iconMS OFFICE APPS
password iconPASSWORD
MANAGEMENT
Your  Account:
document iconmyCSUSM
cougar courses logoCOUGAR COURSES
email iconEMAIL
office iconMS OFFICE APPS
password iconPASSWORD
MANAGEMENT
Cybersecurity Education Hub

Docusign Phishing Scam

This morning the campus was hit with another fairly massive phishing attempt.  

This latest message has the following characteristics:

  • Sender is a campus employee whose credential were compromised
  • Subject line is “ATF”  

Body of the message looks similar to this example:

docusign

If you were to click on the “Please click here…” link, you would be brought to a web page appearing to be a Microsoft login page where you will be prompted to enter your username and password.  We have blocked the site from being accessible from on campus.


If you received this email but did not click, please just delete it.  

If you clicked and entered your username/password you must immediately change your password and update your security questions. (If they have your password, they can replace your security questions with their own and then are able to get right back into your account.)

If you clicked but did not enter your username/password, you should be safe.

We all know that it is very difficult to prevent these attacks, and often difficult to identify a sophisticated phishing message.  This fall we will initiate a campus conversation about using multifactor authentication for off-campus access to resources like email to better protect against these types of attacks. Please review multifactor authentication for more information.