Crafty phishing emails capturing UH credentials

University of Hawaiʻi accounts continue to be the targets of phishing campaigns. The malicious users coordinating these campaigns have employed several techniques that allow these phishing messages to evade detection and reach UH email accounts. Recently, this has resulted in several UH accounts becoming compromised. Stay safe online by remembering the following tips:

• Be vigilant about protecting personal information, such as your UH Username and password and your social security number. Never respond with any personal information (like your social security number) to an unsolicited email.
• Be careful when clicking on links, particularly when the link points to a website that does not begin with “https://www.hawaii.edu” or (something).hawaii.edu.
• Be especially cautious when presented with a “UH Login” page. Make sure the web address starts with “https://authn.hawaii.edu/”
• Be safe, if you think you may have provided your UH Username and password in response to a phishing message, change your password immediately. You can check your Google@UH login activity by following the instructions at: https://www.hawaii.edu/askus/1587
• S.E.A.R. the Phish: Stop. Examine. Ask. Report.

Also, be aware that malicious users appear to be using a technique called MFA fatigue to log into multi-factor authentication (MFA) protected accounts. The malicious user will login to a compromised UH account and continue to send Duo Push or phone calls to the account’s registered MFA device until the account owner accepts the Duo Push or phone call, thereby allowing the malicious user access to UH services, such as Google@UH Gmail or HIP, using the compromised account.

If you receive a Duo request and are not trying to log into your UH account, do not accept the request! Deny the Duo request and change your password immediately.

If you have any questions, please contact the ITS Help Desk at 808-956-8883, toll free (neighbor isles) 800-558-2669, or email help@hawaii.edu.