A phishing campaign has targeted the university, resulting in many students and some faculty and staff receiving numerous fraudulent, harmful messages. The Enterprise Security and OCIO teams are working to address this problem.

What to look for

Features of this campaign have included:

Messages sent as a “reply to” a message already in the infected user’s inbox, which makes it harder to detect.

The body of the message does not contain a greeting, a signature or an explanation for why the user would be sending you a link rather than including the information in the message. Messages may appear similar to this screenshot below (left)

Messages include a link that directs you to an unrecognized, possibly malicious site (usually addresses that end in something other than “osu.edu,” as depicted in the screenshot below (right)

What you should do

To avoid being infected:

Be mindful of all email you receive and please DO NOT click on the link

Forward the message to report-phish@osu.edu.

Be sure your anti-virus and software updates are current.

If you already clicked the link and think you may be infected:

Look for any strange activity on your device or email.

Change your university password immediately.

If you have questions please contact the IT Service Desk at (614) 688-4357 (HELP).

If you need additional help, the university provides technical support for personally owned computers and phones through BuckeyeBar locations in the Thompson Library and Tech Hub (https://ocio.osu.edu/help/locations(link is external)).

We will continue to update this post as we have updates and as the situation evolves.