Cybersecurity Alert: Active Phishing Attacks & Account Deactivation Messages

The Cybersecurity Assurance and Digital Trust Department (CADT) in the Division of Information Technology is tracking multiple active phishing campaigns that have impacted our campus community. If you received a message regarding deactivation of your account, please be aware this is a phishing message. Additionally, DoIT is not giving away any welding tools (sorry).

Compromised users are being notified and their account passwords scrambled to safeguard their accounts. They are also receiving personalized myUMBC posts informing them of the events.

If you have received notices from CADT, make sure you change your password to a long, unique value that you have not used on myUMBC or other services in the past. It is important that you do not provide attackers with your DUO two-factor authentication codes or accept push notifications you have not initiated.

Users who believe they have already clicked on the phishing links should contact security@umbc.edu to report the phishing email.

Thank you for assisting us in keeping the campus community safe!