Beware of Phishing Emails with a Green Display Message Button

by Jonathan Ashton.

An ongoing phishing campaign targeting educational institutions in the US and the UK has now been seen by some SHU staff members.

Messages often appear to be from a known contact of the recipient and contain a subject line that has been used previously in communications between the sender and recipient e.g. “Re: Sheffield Hallam Open Day- Saturday 18th August 2018”.

The message may contain very little text and what looks to be a green button labelled “Display Message”, “Click here to view message” or similar text.  Below is an example:

This button should NOT be clicked. If you do accidently click it, do not enter your username and password on the webpage that you are taken to.

If you have already entered your credentials, then the you must change your password immediately, using the “Changing your password” link on the Staff homepage or by visiting http://go.shu.ac.uk/password.

Instructions for dealing with phishing emails can be found here: https://portal.shu.ac.uk/departments/is/ithelp/helpme/pages/suspicious_emails_phishing.aspx

There have so far been relatively few of these emails seen at SHU but the experience of other educational institutions suggest this situation may change

A cyber-awareness course is available at http://go.shu.ac.uk/cyberaware – completing it will help protect yourself and the university.