Phishing scams use fraudulent emails to get users to reveal confidential information. Such emails usually look like they come from a legitimate organization such as Blackboard but contain links to illegitimate sites.
Blackboard has become aware of a mass phishing scam targeting customers using Blackboard Learn. To be clear, Blackboard Learn has not been hacked — these are emails sent directly from a spammer to emails it may have harvested by spidering the institution’s websites for email addresses.
- Phishing Attempt Examples
- More Information
Phishing Attempt Examples
See below for a few examples of phishing attempts. It is important to realize that the messages will vary.
Example 1: “Received New Mail”
Example 2: “New Course Information”
|Purported Sender||Blackboard Learn <firstname.lastname@example.org>|
|Email Subject||New Course Information|
An important course form has been posted to you through the Blackboard Learning System.
Please sign in immediately to view the form.
Click here to sign in <–Link to malicious website
Example 3: “Blackboard Learn: Important New Course”
|Purported Sender||Blackboard Learn <email@example.com>|
|Email Subject||Blackboard Learn : Important new course|
Access to e-mail is about to expire,
Please click on the link below to re-activate your account, please sign in to Blackboard system immediately.
Click here to sign in to the Blackboard System <–Link to malicious website
- Notify your end users that these emails are phishing emails and to delete and disregard the emails.
- Do NOT go to the link in the email. Delete the email immediately.
- Please continue to send questionable messages to firstname.lastname@example.org. For immediate response, please call the Help Desk at 410-516-HELP.
For more information, see https://it.johnshopkins.edu/restricted/security/phishing.html.