Phishing emails sent to bu.edu accounts requesting passwords
Recently there have been a series of phishing emails sent to email accounts in the bu.edu system that claim the recipient’s mailbox has exceeded its storage limit. These fraudulent emails, claiming to be on behalf of the BU system administrator and/or BU Human Resources, contain a link with a request for the recipient’s email password. The email system was exploited a year ago in a similar phishing scheme in which passwords were requested to the recipient’s BU Works account for purposes of updating payroll records.
The University does not send emails which contain requests for user names and/or passwords. Any email requesting you to click on a link to increase email storage or update/change payroll records should be considered suspect. Do not click on links and do not provide any information requested. These emails should be forwarded to BU Information Services and Technology (IS&T) at abuse@bu.edu for further advice.
Information on reporting suspicious emails can be found at: http://www.bu.edu/tech/services/comm/email/unwanted-email/report-abuse/