The Rice community continues to be the target of aggressive phishing attacks that attempt to steal usernames, passwords, and Duo passcodes. Once stolen, these credentials are often used by thieves to access iO to make changes to direct deposit information. The messages have subjects like “Time-Sensitive: Monkeypox Case Confirmed,” "Urgent Update: Confirm Recent Contact with Student,” or “Action Required: Verify Contact with Monkeypox Case." These often appear to be sent from members of our community. These emails are malicious.
If you receive an email like this, please delete it and do not take any other action on it. If you have visited the link, provided login information, or replied to the sender, please change your password, look for changes to your Duo multifactor settings, and review your direct deposit information in iO as soon as possible and contact the OIT Help Desk at 713-348-HELP or helpdesk@rice.edu.
Please remain vigilant and be skeptical of unusual emails. As always, if you receive an email that you have questions about, please forward it to phishing@rice.edu.
Thank you for keeping Rice resources secure!
See also:
Check out the Phish Bowl – on this web page, you can read some recent email scams and tips for spotting fake email messages so you can protect yourself and the university from scammers. And be sure to explore the rest of the Information Security Office's web site for more information on precautions to take to protect campus digital data. Protecting the privacy and security of institutional data is the responsibility of everyone in the Rice community. See also University Policy 808, Protection of University Data and Information.