You are here: American University Information Technology IT Security Phishing and Scam Advisories
Contact Us
OIT Phishing and Scam Advisories
Even with some of the most sophisticated technology, malicious emails and phishing attempts still make their way to the email inboxes of users in the AU community.
OIT will never ask for your password.
If you believe your account has been compromised or that you have been a victim of a phishing attempt, plese contact the OIT Help Desk immediately at 202-885-2550.
Best Practices
- When performing a password reset, make sure your new password is something unique, is not used on other services, and has never been used before.
- Always report fraudulent MFA prompts that you have not initiated.
- Never accept an MFA prompt you have not initiated.
- If you do receive a fraudulent MFA prompt, reset your password immediately. An MFA prompt can only be generated by someone who already has your username and password.
- Use the Cofense Report tool to report phishing attempts you receive in your AU Email.
How do I use the Report Phishing button?
The Report Phishing button is a simple solution for safely forwarding a suspicious email to the OIT Help Desk. Within your AU email account, the Report Phishing button is found on all versions of Outlook:
Outlook (Desktop)
- With an email open, in either its own window, or in the Outlook preview pane, look for the Report Phishing icon on the Outlook ribbon.
- Click the Report Phishing icon.
- Report Phishing will open a sidebar and begin packaging the email details on your behalf.
- When the packaging is complete, a final prompt will appear.
- In the prompt, click OK to forward the suspicious email to the OIT Help Desk.
- The sidebar will close, and after a moment, the suspicious email will be deleted from your Outlook inbox.
Outlook for Mobile (iOS)
- Open an email as you normally would.
- In the upper right, tap the 3-dot icon (click on picture to expand).
- From the menu that appears, tap the “Report Phishing” icon.
- The Report Phishing mechanism will take a moment to package the details of the email.
- Tap OK on the remaining prompt to send the report to the Help Desk.
Outlook for Android
- Open an email as you normally would.
- In the upper right of the email, just beneath the email delivery timestamp, tap the hamburger menu (click on picture to expand).
- From the menu that appears, tap the Report Phishing icon.
- The Report Phishing mechanism will take a moment to package the details of the email.
- Tap OK on the remaining prompt to send the report to the Help Desk.
Outlook Web Access
- Open an email as you normally would
- In the email click on the context (three dot) menu.
- Select "Report Phishing" from the sub-menu.
- Report Phishing will open a sidebar and begin packaging the email details on your behalf.
- When the packaging is complete, a final prompt will appear.
- In the prompt, click OK to forward the suspicious email to the OIT Help Desk.
- The sidebar will close, and after a moment, the suspicious email will be deleted from your Outlook inbox,
Current Advisories
The following examples are known phishing and scamming attempts circulating in the AU community. These are not legitimate emails.
IT DESK February 23, 2023
#Phishing
HIRE IMMEDIATELY February 23, 2023
Alternate Subjects:
CAMPUS JOBS OPPORTUNITY
#Phishing
Piano Giveaway January 17, 2023
#Scam