Phishing emails appearing to come from Blackboard – IT@JH University Information Systems

Phishing scams use fraudulent emails to get users to reveal confidential information. Such emails usually look like they come from a legitimate organization such as Blackboard but contain links to illegitimate sites.

Blackboard has become aware of a mass phishing scam targeting customers using Blackboard Learn. To be clear, Blackboard Learn has not been hacked — these are emails sent directly from a spammer to emails it may have harvested by spidering the institution’s websites for email addresses.

Phishing Attempt Examples
Solution
More Information

Phishing Attempt Examples

See below for a few examples of phishing attempts. It is important to realize that the messages will vary.

Example 1: “Received New Mail”

Purported Sender	Blackboard ITS
Email Subject	Received New Mail[School Board]
Content	Dear blackboard user: You have 2 unread messages from your Admin stored in your Blackboard area. Please login below to view messages/Kef474574876767 <–Link to malicious website The above link will become inactive 10 minutes after mail has been read. Thanks for your attention Regards, Blackboard ITS

Purported Sender

Blackboard ITS

Email Subject

Received New Mail[School Board]

Content

Dear blackboard user:

You have 2 unread messages from your Admin stored in your Blackboard area.

Please login below to view messages/Kef474574876767 <–Link to malicious website

The above link will become inactive 10 minutes after mail has been read.

Thanks for your attention
Regards,
Blackboard ITS

Example 2: “New Course Information”

Purported Sender	Blackboard Learn <notifications@blackboard.com>
Email Subject	New Course Information
Content	Good Morning, An important course form has been posted to you through the Blackboard Learning System. Please sign in immediately to view the form. Click here to sign in <–Link to malicious website Thank you, Blackboard Learn.

Purported Sender

Blackboard Learn <notifications@blackboard.com>

Email Subject

New Course Information

Content

Good Morning,

An important course form has been posted to you through the Blackboard Learning System.

Please sign in immediately to view the form.

Click here to sign in <–Link to malicious website

Thank you,

Blackboard Learn.

Example 3: “Blackboard Learn: Important New Course”

Purported Sender	Blackboard Learn <email@blackboard.com>
Email Subject	Blackboard Learn : Important new course
Content	Dear Staffs/Students Access to e-mail is about to expire, We recommend that you upgrade your account to avoid the suspension. Please click on the link below to re-activate your account, please sign in to Blackboard system immediately. Click here to sign in to the Blackboard System <–Link to malicious website Thank You. © 2013 Blackboard \| Technology and Solutions Inc. All Rights Reserved.

Purported Sender

Blackboard Learn <email@blackboard.com>

Email Subject

Blackboard Learn : Important new course

Content

Dear Staffs/Students

Access to e-mail is about to expire,
We recommend that you upgrade your account to avoid the suspension.

Please click on the link below to re-activate your account, please sign in to Blackboard system immediately.

Click here to sign in to the Blackboard System <–Link to malicious website

Solution

Notify your end users that these emails are phishing emails and to delete and disregard the emails.
Do NOT go to the link in the email. Delete the email immediately.
Please continue to send questionable messages to spam@jhu.edu. For immediate response, please call the Help Desk at 410-516-HELP.

More Information

For more information, see https://it.johnshopkins.edu/restricted/security/phishing.html.