Many institutions of higher learning are falling prey to an increasing number of phishing attacks. Simmons is no exception. Phishing attacks have soared 220%1 since the beginning of the pandemic. Despite our active monitoring efforts and alerts to the community, too many of us still fall victim. Breaches of Simmons login credentials this month have resulted in compromised computers used to send even more phishing messages and most recently unlawful access to Workday where banking information was exposed and in one case changed. Giving up your password to a phishing site has serious consequences.
Tag Archives: 202201
Phishing and Imposter Websites
Cybercriminals are adept at creating imposter websites that look like standard login pages for Google, Microsoft Live, and even Simmons’ own login page. Simmons login page url will always begin with “idp.simmons.edu” and any other url even if it contains “simmons.edu” later in the text is not our login page.
Sharkpass/DUO Do’s and Don’t
While Sharkpass/DUO gives us an edge against cybercriminals, it is not foolproof. Imposter login websites often include a false DUO page and ask for you to input a code from your DUO mobile app. Doing so gives up your account to thieves who then have access to your personal information and the ability to direct your paychecks or refunds away from your bank account. Simmons Sharkpass/DUO page will also only begin with “idp.simmons.edu.”
What else you should and shouldn’t do
- Change your password regularly.
- Report phishing messages you receive in the Gmail menu with “Report Phishing”
- Don’t forward phishing messages to anyone. Friends and colleagues can fall victim too.
- Consider using Gmail’s mobile apps on iPhone and Android instead of the provided mail apps. Gmail’s app presents warnings about suspicious messages and allows you to report phishing messages.
- Don’t click on links or download attachments from messages you are not expecting.
Remember, real Simmons sites start with “idp.simmons.edu!”