Our team was alerted to a sneaky phishing email that came in just before the long weekend.
This email had a link to a fake Outlook login page: a classic phishing attempt. If you enter your username and password on this page, the scammer now has your login details – but your account is protected with multi-factor authentication, so just your password isn’t enough to let them in. That’s where this scam gets tricky.
The scammer then poses as someone with UFV’s IT Service Desk. They call or text you, and ask for the code sent to your MFA registered phone number or app. Giving them this code will finally give the scammer access to your account.
How to protect yourself:
- IT Service Desk will NEVER ask for your MFA codes. Never share MFA codes with a person.
- Forward suspicious emails or text messages to phishreport@ufv.ca.
- Review our account security tips, including how to review your sign in history and reset your password.
Comments are closed.