{"id":1302,"date":"2026-01-28T13:00:16","date_gmt":"2026-01-28T18:00:16","guid":{"rendered":"https:\/\/www.montclair.edu\/phish-files\/?p=1302"},"modified":"2026-02-16T11:05:35","modified_gmt":"2026-02-16T16:05:35","slug":"last-announcement-portal-update-alert","status":"publish","type":"post","link":"https:\/\/www.montclair.edu\/phish-files\/2026\/01\/28\/last-announcement-portal-update-alert\/","title":{"rendered":"ÌÇÐÄvlog IT LAST ANNOUNCEMENT Portal Update Alert, JANUARY!"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.montclair.edu\/phish-files\/wp-content\/uploads\/sites\/290\/2026\/01\/Montclair-State-University-IT-LAST-ANNOUNCEMENT-Portal-Update-Alert-JANUARY-page.png\" alt=\"Screenshot of phishing form connected to phish.\" width=\"815\" height=\"1227\" \/><\/p>\n<h2>Why this looks valid:<\/h2>\n<ul data-path-to-node=\"6\">\n<li>\n<p data-path-to-node=\"6,0,0\"><strong>Logical Premise: <\/strong>IT frequently perform maintenance and security updates, making the request seem routine.<\/p>\n<\/li>\n<li>\n<p data-path-to-node=\"6,1,0\"><strong>Specific Instructions: <\/strong>Mentioning &#8220;conflicting issues&#8221; with other universities adds a layer of technical detail that can sound professional.<\/p>\n<\/li>\n<li>\n<p data-path-to-node=\"6,2,0\"><strong>Convenience:<\/strong> The email suggests you can perform the update from a mobile device or home computer, which aligns with modern remote-access policies.<\/p>\n<\/li>\n<\/ul>\n<h2>Why this is phishing?<\/h2>\n<ul>\n<li>\n<p data-path-to-node=\"9,0,0\"><strong>Artificial Urgency:<\/strong> The &#8220;48-hour&#8221; deadline is a high-pressure tactic designed to make you act before you think.<\/p>\n<\/li>\n<li>\n<p data-path-to-node=\"9,1,0\"><strong>Threat of Account Loss:<\/strong> IT would not threaten to delete your account over a routine database update.<\/p>\n<\/li>\n<li>\n<p data-path-to-node=\"9,2,0\"><strong>Generic Greeting: <\/strong>Using &#8220;Dear User&#8221; instead of your name is a sign of a bulk phishing campaign.<\/p>\n<\/li>\n<li>\n<p data-path-to-node=\"9,3,0\"><strong>The &#8220;P.W.&#8221; Disclaimer:<\/strong> IT will <strong>never<\/strong> ask for your password via an external form or link. Asking you to provide your &#8220;password for verification&#8221; is a 100% guarantee of a scam.<\/p>\n<\/li>\n<li>\n<p data-path-to-node=\"9,4,0\"><strong>Poor Grammar\/Formatting:<\/strong> &#8220;Everyone is expected to update his\/her details&#8221; and the awkward &#8220;NOTE::&#8221; section are unprofessional and typical of phishing templates.<\/p>\n<\/li>\n<li><strong>External Sender<\/strong>: The email address is not from our domain.<\/li>\n<\/ul>\n<h2 data-path-to-node=\"10\">Immediate Steps to Take<\/h2>\n<ul>\n<li data-path-to-node=\"13,0,0\"><strong>Do Not Click: <\/strong>Avoid clicking any links or copying\/pasting the URL.<\/li>\n<li data-path-to-node=\"13,0,0\"><strong>Report the Email:<\/strong> Use the <a href=\"https:\/\/www.montclair.edu\/information-technology\/security\/pab\/\">Phish Alert Button (PAB)<\/a>.<\/li>\n<\/ul>\n<h2 data-path-to-node=\"12\">If You Already Clicked or Entered Credentials<\/h2>\n<p data-path-to-node=\"16\">If you entered your Montclair email and password into the provided link, follow\u00a0these steps immediately:<\/p>\n<h3 data-path-to-node=\"17\">1. Change Your Password<\/h3>\n<p data-path-to-node=\"18\">Reset your password via the <a href=\"https:\/\/iams-amc.montclair.edu\/page-intro\">NetID Account Management Center<\/a>. If you use this password for other accounts (Gmail, Banking, etc.), change those as well.<\/p>\n<h3 data-path-to-node=\"19\">2. Monitor Your Duo MFA Alerts<\/h3>\n<p data-path-to-node=\"20\">If you start receiving Duo requests you did not initiate, report them as Fraud and reset your password.<\/p>\n<h3 data-path-to-node=\"23\">3. Monitor for Fraud<\/h3>\n<p data-path-to-node=\"24\">Keep a close eye on your financial accounts and any personal information tied to your school profile for the next few weeks.<\/p>\n<h2>Additional Notes:<\/h2>\n<ul>\n<li>Do you think you&#8217;ve fallen for a scam? Did you share personal information? Downloaded malicious content? Please contact the IT Service Desk at <a href=\"tel:973-655-7971\">973-655-7971<\/a>\u00a0option 1 or email <a href=\"mailto:itservicedesk@montclair.edu\">itservicedesk@montclair.edu<\/a>.<\/li>\n<li>Use the <a href=\"https:\/\/www.montclair.edu\/information-technology\/security\/pab\/\">Knowbe4 Phish Alert Button (PAB)<\/a> to report malicious emails directly to the Information Security team for review. If you are not using the Gmail client please forward the email to <a href=\"mailto:phishfiles@montclair.edu\">phishfiles@montclair.edu<\/a>.<\/li>\n<li>Always use the &#8220;hover over&#8221; technique to check web links before clicking! For more security tips please visit our <a href=\"https:\/\/www.montclair.edu\/information-technology\/security\/security-tips\/\">Security Tips<\/a> page.<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Why this looks valid: Logical Premise: IT frequently perform maintenance and security updates, making the request seem routine. Specific Instructions: Mentioning &#8220;conflicting issues&#8221; with other universities adds a layer of technical detail that can sound professional. Convenience: The email suggests you can perform the update from a mobile device or home computer, which aligns with [&hellip;]<\/p>\n","protected":false},"author":349,"featured_media":1303,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[8],"tags":[],"class_list":["post-1302","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-spear-phishing"],"_links":{"self":[{"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/posts\/1302","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/users\/349"}],"replies":[{"embeddable":true,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/comments?post=1302"}],"version-history":[{"count":6,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/posts\/1302\/revisions"}],"predecessor-version":[{"id":1351,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/posts\/1302\/revisions\/1351"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/media\/1303"}],"wp:attachment":[{"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/media?parent=1302"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/categories?post=1302"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/tags?post=1302"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}