CIS is investigating reports of phishing emails posing as a Blackboard message directed to users of the CUNY-hosted email services with a hyperlink to a potentially malicious site.
Security Threat Identification/Symptoms
The phishing email can be identified by characteristics similar to the following:
FROM: “Blackboard” (but underlying email address is different)
SUBJECT: “Important Updates From Your Faculty. [Mark As Not Spam]”
“You have received 2 New Important messages from your Admin Center, see below to review;
If you think you have already been impacted by this security threat
If you received this message or one similar to it, delete it and do not click on any links, open any attachment, or reply to the message. If you already responded to the phishing email, immediately contact the CIS Service Desk at firstname.lastname@example.org or 646.664.2311.
While CIS continues its investigation into this security threat, please continue to observe the following security procedures:
- Continue to contact your HelpDesk if you receive a suspicious email
- Treat all unsolicited emails from unknown sources as suspicious
- Don’t be fooled by phishing emails that conceal malicious intent by imitating official communications from legitimate businesses, organizations, or people—call to confirm message validity
- Don’t open file attachments or click on embedded links from an untrusted source
- Don’t be tricked into giving away personal or confidential information
Security Alert Updates
CIS will send an update when there is more information to share.