Multi-Factor Authentication (MFA). MFA can help protect against credential harvesting. Once an attacker has your password, the attacker might attempt to open any resource that uses that username and password combination. Without MFA, your credentials could be used to access:
Email to look for information or to use your account to phish others
MaineStreet or other enterprise systems looking for data to perform a data breach,
Employee Self Service to change your direct deposit information.
Don’t reuse passwords. Once criminals have obtained your credentials, they will try to use similar names and passwords on other sites such as banks. Unless those are protected with MFA, the criminal could get in. The Acceptable Use Policy prohibits you from using the same username and password combination that you use for University accounts on non-University accounts.
Don’t respond to unsolicited communications that request you take action to avoid a consequence without first verifying them.
Don’t open attachments. A fake invoice may tempt you to check whether it is something that you actually purchased, but it might contain malware.
Verify with a Trusted Source
Contact the sender directly - but not through the contact information provided by that message and NOT by simply replying to that message.
Check the website or log in to an account with the means you normally use.
Report the phishing as indicated below. If you believe a suspicious-looking message might be real, report it and ask for help discerning its legitimacy.
If you believe you may have been phished, follow the actions below:
Delete the message
Report the phishing as indicated below.
Change your password if you provided your credentials. Remember, you can log into your UMS account through the Mycampus Portal and you can change your password at accounts.maine.edu.
Check your direct deposit information to be sure the banking information hasn’t been changed
Check your email account to be sure filters haven’t been changed. Criminals reset filters to help mask the use of your email to send phishing to others. Check in Gmail by:
Selecting the gear symbol in the upper right corner
Choosing “See all settings”
From the top line setting menu select “Filters and Blocked Addresses”
Look through the list to see if these are filters you have set (typically the criminal will have some emails automatically deleted so that you won’t notice the activity)
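An added example, not part of the original guidance: a Python script that applies the same review to a filter export instead of reading the list by eye. It assumes the Atom XML format that Gmail produces when filters are exported from the “Filters and Blocked Addresses” tab; the sample export, the addresses in it, and the choice of which actions count as risky are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Namespaces used by Gmail's filter export (assumed format, see lead-in).
NS = {"atom": "http://www.w3.org/2005/Atom",
      "apps": "http://schemas.google.com/apps/2006"}

# Filter actions that hide mail from the account owner or copy it elsewhere.
RISKY = {
    "shouldTrash": "deletes matching mail",
    "shouldArchive": "skips the inbox",
    "shouldMarkAsRead": "marks matching mail as read",
    "forwardTo": "forwards matching mail",
}
CRITERIA = ("from", "to", "subject", "hasTheWord", "doesNotHaveTheWord")

# Constructed sample export: one ordinary labelling filter, one that hides mail.
SAMPLE_EXPORT = """<feed xmlns='http://www.w3.org/2005/Atom'
      xmlns:apps='http://schemas.google.com/apps/2006'>
  <entry>
    <apps:property name='from' value='newsletter@example.org'/>
    <apps:property name='label' value='Newsletters'/>
  </entry>
  <entry>
    <apps:property name='hasTheWord' value='phishing OR hacked OR "direct deposit"'/>
    <apps:property name='shouldTrash' value='true'/>
    <apps:property name='forwardTo' value='collector@example.net'/>
  </entry>
</feed>"""

def audit_filters(xml_text):
    """Return one finding per filter that has at least one risky action."""
    findings = []
    for entry in ET.fromstring(xml_text).findall("atom:entry", NS):
        props = {p.get("name"): p.get("value", "")
                 for p in entry.findall("apps:property", NS)}
        reasons = []
        for name, meaning in RISKY.items():
            value = props.get(name, "")
            if name == "forwardTo" and value:
                reasons.append(f"{meaning} to {value}")
            elif value.lower() == "true":
                reasons.append(meaning)
        if reasons:
            match = {k: props[k] for k in CRITERIA if k in props}
            findings.append({"match": match, "reasons": reasons})
    return findings

if __name__ == "__main__":
    for f in audit_filters(SAMPLE_EXPORT):
        print("REVIEW:", f["match"], "->", "; ".join(f["reasons"]))
```

A flagged filter is not necessarily malicious; it is one to compare against the filters you remember creating.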
Report phishing or ask for help verifying whether a message is phishing by contacting phish@maine.edu. Specific guidance is found in the article: Phishing emails