Phishing Attack Targeting Duke Email Users (December 3, 2012)
This morning an attacker launched a phishing attack targeting Duke email users. The message is entitled "Duke University New Outlook Web App (OWA)" and requested the user to click on a link called "Outlook Web App (OWA) to access their mail account.
If you click on the link, you are taken to a non-Duke site and asked for your Duke netID and password. The site looks very similar to Duke's Outlook Web Access site, but it is a fraud, as indicated by the website's address: "http://exchange -duke.yzi.me/."
If you submitted your credentials to this form, please contact the OIT Service Desk or the Duke IT Security Office immediately.
OIT Service Desk:
Duke IT Security Office:
The message looks like the following: