Disclaimer: This news item was originally posted on Friday, Jun 23, 2017. Its content may no longer be timely or accurate.

Blackboard Phishing Alert

Posted: 12:23:01, Friday, Jun 23, 2017   Expiration: 12:23:01, Friday, Jun 30, 2017

There is a phish attempt that references a Blackboard service. The phish is delivered via email asking the recipient to click a link to read messages from Blackboard admins. The user is taken to a fake site and prompted for information and asked to login. Recipients should delete this phish email immediately.

Blackboard Phishing Announcement

There is an active phishing campaign that has been detected on campus. The phish is in the form of an email message from Blackboard Admin. The message indicates that the user has a number of messages that have been posted to their Blackboard learning page online and urges them to click a link to read the messages.

When the user clicks on the link, it takes them to what appears to be a Blackboard site with the UW-Madison name and crest on the top of the page. The fake site asks the user to log in with their name, email address and password.

The DoIT Help Desk has received several cases to date in which users have fallen victim to the scam.

The phishing campaign is using compromised wisc.edu emails to send the phishing emails to other wisc.edu addresses. The campaign appears to be evolving, the phishing URL keeps changing. There have been three different URLs reported so far.

Users should be on the lookout for this phish and to delete it immediately. Remember, the UW will never send an email message asking users to provide their password.

-- UW-Madison Office of Cybersecurity

Created: 16:44:22, Thursday, Jun 22, 2017 (by Chris M.)
Updated: 09:19:13, Monday, Jun 26, 2017 (by Leah S.)