Phishing Warning: “usc.edu”

USC account holders have reported receiving phish emails similar to the one listed below. If you have received a similar phish, do not reply or click any links in the message.

Sample email:

From: XXXXXXXXXXXX <xxxxxxxx@usc.edu>
Sent: Monday, March 25, 2019
To: [Various recipients]
Cc: [Various recipients]
Subject: usc.edu

Dear usc.edu User,

  Your usc.edu account was recently login from a strange IP Address starting with: 678.30.76.42… For these reasons our records indicate you are no longer a valid/active and current user. your account has been scheduled for resetting on this month of MARCH/2019. As part of these process, your account, files, Email Address messages, Etc. will be place on hold and be deleted after 3 working days. You will lose access to your account. To Retail Your Account,

you are advice to respond promptly with your valid and active user info. See required info below:

Name In Full:
Email:
Password:
Tel Number:
A Valid ID:

Failure to respond on time will lead to this account De-activated from the Database within the next 3 working days.

usc.edu.

Thank You.

NOTE: This message has been verified by our “Authentic Message. Registry” group.

usc.edu.

If you have received this phish, do not respond or click the embedded link. If you have responded or clicked the link and were asked to give up your USC NetID password, change your USC NetID password immediately by going to the Popular Logins menu bar on the ITS website and clicking the link labeled change your password.

As phishing campaigns become increasingly sophisticated and harder to detect, we urge you to use extreme caution when clicking links in messages or attachments you receive from unknown senders. While antivirus programs may automatically scan messages for embedded malware, they do not automatically scan for malicious links in attachments.

ITS encourages you to consider the following tips when handling suspicious email:

  • If you are unable to see or do not recognize a link’s destination URL, do not click the link.
  • Never provide personal information, such as your passwords, social security number, or bank information, on a website you access by following a link in an unsolicited email or attachment.
  • If you must open an email attachment, first scan it using your antivirus software. To scan an attachment on a PC or Mac running USC’s free Sophos Antivirus, save the attachment to your desktop, right-click the file, and choose Scan with Sophos Antivirus.