Harvard Information Security has been made aware of a phishing email scam targeting the Harvard community. The attackers are posing as Harvard University representatives asking for account information, including HarvardKey credentials, and linking to a fake Harvard login screen. We believe the goal of this phishing attack is to access personal information including W-2s. Harvard Information Security is reaching out directly to any individuals who have been affected by this attack and we are taking other protective steps.
The image below is a copy of the email that was used in this most recent phishing attack. See if you can spot the warning signs in this message.
Visit http://security.harvard.edu/click-wisely for tips on how to fight phishing.
How to Report
Phishing attempts are common. If you receive a Harvard-related phishing email or phone call, contact the IT Service Desk at email@example.com or 617-495-7777.