Important Notice: Phishing Campaign via Google Calendar Invites

Dear UMBC Community,

DoIT has recently been made aware of a new phishing campaign through Google Calendar. In this scheme, attackers send fraudulent calendar invites that automatically appear on your calendar. These invites often contain messages about fake cryptocurrency invoices and attempt to trick you into clicking links or calling a phone number.

Examples of these malicious invites are included below for your reference.

If you see a suspicious item on your calendar:

  • Do not click on any links, open any attachments or call any phone numbers

  • Immediately report the invite to security@umbc.edu

  • Remove the invite from your calendar using the Trash Can button

It’s important to note that simply receiving one of these invites does NOT mean your account has been compromised. By default, Google Calendar automatically adds invitations from anyone.


To reduce the chance of receiving unwanted invites in the future, you can also update your individual Google Calendar Event Settings to restrict which invitations are added by adjusting the "Add invitations to my calendar" setting. (See Below)

Screenshot of the Google Calendar settings showing the Event Details menu selected and the option for Add Invites to my Calendar visible

For more information about this setting, please refer to https://support.google.com/calendar/answer/13159188?sjid=9213646357382027005-NA.

Thank you all for your continued awareness and assistance in keeping our community secure.

UMBC Division of Information Technology (DoIT)
Cybersecurity Assurance and Digital Trust




Example One:
Example of a Crypto Purchase Order calendar inviteExample Two:
Example of an Invoice & Order Details calendar invite
]]> Dear UMBC Community, DoIT has recently been made aware of a new phishing campaign through Google Calendar. In this scheme, attackers send fraudulent calendar invites that automatically appear on... Photo https://assets1-beta.my.umbc.edu/system/shared/attachments/914021432b2c03ea34c37961aa8774ae/69e4d871/news/000/152/263/ba44b9abb1a0331c5d134bafb71f993f/image3.png?1757450404 https://beta.my.umbc.edu/api/v0/pixel/news/152263/guest@my.umbc.edu/28d750f4f998a147f4a4652d12316ee1/api/pixel cyber-awareness phishing IT Security - DoIT Cybersecurity Assurance and Digital Trust https://beta.my.umbc.edu/groups/itsecurity https://assets2-beta.my.umbc.edu/images/avatars/group/7/xsmall.png?1776441867 https://assets2-beta.my.umbc.edu/images/avatars/group/7/original.png?1776441867 https://assets2-beta.my.umbc.edu/images/avatars/group/7/xxlarge.png?1776441867 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xlarge.png?1776441867 https://assets1-beta.my.umbc.edu/images/avatars/group/7/large.png?1776441867 https://assets2-beta.my.umbc.edu/images/avatars/group/7/medium.png?1776441867 https://assets2-beta.my.umbc.edu/images/avatars/group/7/small.png?1776441867 https://assets2-beta.my.umbc.edu/images/avatars/group/7/xsmall.png?1776441867 https://assets3-beta.my.umbc.edu/images/avatars/group/7/xxsmall.png?1776441867 IT Security - DoIT Cybersecurity Assurance and Digital Trust 5 0 false Tue, 09 Sep 2025 16:34:17 -0400 Tue, 09 Sep 2025 16:48:10 -0400 Account Verification Emails They are phishing!
Hello UMBC Community,

As we approach the Fall Semester, the Division of Information Technology (DoIT) has observed an increase in phishing attempts targeting the UMBC community. While we are doing our best to stay on top of these emails, we need your support.

Please do not enter your myUMBC password or your DUO code into Google or Monday Forms. DoIT does not need your password to validate your account, nor are we deactivating accounts. If you encounter either of these campaigns in your mailbox, please forward the email to security@umbc.edu or click the menu with the three dots to “Report Phishing.” This will allow the team to quickly quarantine the message and protect other community members.

Thank you for your support! 

]]> Hello UMBC Community, As we approach the Fall Semester, the Division of Information Technology (DoIT) has observed an increase in phishing attempts targeting the UMBC community. While we are... https://beta.my.umbc.edu/api/v0/pixel/news/151677/guest@my.umbc.edu/16e2ada2cdc4de936d60adeccbb6b100/api/pixel phishing IT Security - DoIT Cybersecurity Assurance and Digital Trust https://beta.my.umbc.edu/groups/itsecurity https://assets2-beta.my.umbc.edu/images/avatars/group/7/xsmall.png?1776441867 https://assets2-beta.my.umbc.edu/images/avatars/group/7/original.png?1776441867 https://assets2-beta.my.umbc.edu/images/avatars/group/7/xxlarge.png?1776441867 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xlarge.png?1776441867 https://assets1-beta.my.umbc.edu/images/avatars/group/7/large.png?1776441867 https://assets2-beta.my.umbc.edu/images/avatars/group/7/medium.png?1776441867 https://assets2-beta.my.umbc.edu/images/avatars/group/7/small.png?1776441867 https://assets2-beta.my.umbc.edu/images/avatars/group/7/xsmall.png?1776441867 https://assets3-beta.my.umbc.edu/images/avatars/group/7/xxsmall.png?1776441867 IT Security - DoIT Cybersecurity Assurance and Digital Trust 7 0 false Fri, 22 Aug 2025 17:11:16 -0400 Thank you for being part of UMBC (Phishing Edition) We are glad you are here, but we don't want your password
DoIT is aware of an ongoing phishing campaign targeting faculty and staff. The message arrives in users' inboxes appearing to be a document shared from Google. Within the document there is a link that masquerades as personalized compensation statement, but is actually a form attempting to collect your myUMBC credentials and DUO codes. 

This email is phishing. Please do not enter your myUMBC password or DUO codes on web forms. 

We are working to quarantine the messages and scramble passwords for any account that may have been compromised as a result of the phish. We are asking for your continued diligence as the holiday may affect our ability to get the form taken down. Please do not provide your password or DUO codes on web forms, and forward suspicious messages to security@umbc.edu.

If you did provide your password or DUO code, please change your password and reach out to us at security@umbc.edu as soon as possible. Instructions on how to change your password can be found here: https://umbc.atlassian.net/wiki/spaces/faq/pages/30736465/How+do+I+change+my+myUMBC+password

Thanks again and hope everyone has a Happy 4th of July!!
Screenshot of the phishing form thanking the recipient for being a part of UMBC. The screenshot has a link that says View Your Statement.
]]> DoIT is aware of an ongoing phishing campaign targeting faculty and staff. The message arrives in users' inboxes appearing to be a document shared from Google. Within the document there is a link... Image https://assets4-beta.my.umbc.edu/system/shared/attachments/916ffa5e774b9bb356a46e016fcb2df1/69e4d871/news/000/150/919/329995168de8869ce0d6c4083026d5b0/Image 7-4-25 at 2.15 PM.jpeg?1751654219 https://beta.my.umbc.edu/api/v0/pixel/news/150919/guest@my.umbc.edu/16abf47e19323bf92f08a8d5fb327af4/api/pixel phishing IT Security - DoIT Cybersecurity Assurance and Digital Trust https://beta.my.umbc.edu/groups/itsecurity https://assets2-beta.my.umbc.edu/images/avatars/group/7/xsmall.png?1776441867 https://assets2-beta.my.umbc.edu/images/avatars/group/7/original.png?1776441867 https://assets2-beta.my.umbc.edu/images/avatars/group/7/xxlarge.png?1776441867 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xlarge.png?1776441867 https://assets1-beta.my.umbc.edu/images/avatars/group/7/large.png?1776441867 https://assets2-beta.my.umbc.edu/images/avatars/group/7/medium.png?1776441867 https://assets2-beta.my.umbc.edu/images/avatars/group/7/small.png?1776441867 https://assets2-beta.my.umbc.edu/images/avatars/group/7/xsmall.png?1776441867 https://assets3-beta.my.umbc.edu/images/avatars/group/7/xxsmall.png?1776441867 IT Security - DoIT Cybersecurity Assurance and Digital Trust 15 0 false Fri, 04 Jul 2025 14:43:01 -0400 Fri, 04 Jul 2025 14:48:10 -0400 Beware of PayPal "New Address" Emails New approach (to phishing). Same goal.

Cyberattackers constantly evolve their tactics to bypass organizational defenses. A recent trend involves exploiting PayPal's gift address feature to deliver phishing messages. These messages may include a fake support number to trick recipients into calling or malicious links designed to steal account credentials. In either case, the attacker's goal is to compromise your PayPal account.

If you receive a PayPal notification about account changes or a sent invoice, do not click any links in the email. Instead, directly type the official PayPal URL into your web browser to ensure you're interacting with the legitimate PayPal website, not a fraudulent copy.

To learn more about this new method of attack: https://www.bleepingcomputer.com/news/security/beware-paypal-new-address-feature-abused-to-send-phishing-emails/ ]]> Cyberattackers constantly evolve their tactics to bypass organizational defenses. A recent trend involves exploiting PayPal's gift address feature to deliver phishing messages. These messages... https://beta.my.umbc.edu/api/v0/pixel/news/147565/guest@my.umbc.edu/2b59018686410f6eb3b93de02b62bc12/api/pixel phishing IT Security - DoIT Cybersecurity Assurance and Digital Trust https://beta.my.umbc.edu/groups/itsecurity https://assets2-beta.my.umbc.edu/images/avatars/group/7/xsmall.png?1776441867 https://assets2-beta.my.umbc.edu/images/avatars/group/7/original.png?1776441867 https://assets2-beta.my.umbc.edu/images/avatars/group/7/xxlarge.png?1776441867 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xlarge.png?1776441867 https://assets1-beta.my.umbc.edu/images/avatars/group/7/large.png?1776441867 https://assets2-beta.my.umbc.edu/images/avatars/group/7/medium.png?1776441867 https://assets2-beta.my.umbc.edu/images/avatars/group/7/small.png?1776441867 https://assets2-beta.my.umbc.edu/images/avatars/group/7/xsmall.png?1776441867 https://assets3-beta.my.umbc.edu/images/avatars/group/7/xxsmall.png?1776441867 IT Security - DoIT 2 0 false Mon, 24 Feb 2025 09:09:35 -0500 Financial Aid and Job Offers Email It seemed phishy because it was!
This morning, several individuals received a phishing email disguised as a job opportunity. We want to thank everyone who reported it. Your reports allow us to take immediate action to protect others.

If you receive a suspicious email, please report it. Google provides the ability to report phishing in your web browser by clicking the three vertical dots next to the email sent date and selecting "Report Phishing." You can also forward the email to security@umbc.edu. Both options create a ticket for our team.

Phishing is the use of deception to obtain sensitive information. In this case, the email attempted to collect your personal information. There were a couple of red flags that make it clear it is phishing:
  1. The email claimed to be from the Career Center but was sent from a personal Gmail address (not @umbc.edu).
  2. The link to the UMBC application portal redirected you to a Google Form, not UMBC's official portals.
  3. The Google Form was asking for personal information.
  4. The email requested that replies be sent to a personal Gmail address instead of the Career Center's UMBC email address.

Thank you again to all who reported the phish!
]]> This morning, several individuals received a phishing email disguised as a job opportunity. We want to thank everyone who reported it. Your reports allow us to take immediate action to protect... Image https://assets2-beta.my.umbc.edu/system/shared/attachments/852d377b14e28bee32eca4079459f7ec/69e4d871/news/000/147/530/47b6ed0b6b6824c8dc892e2e48b462f9/Phishy Email.png?1740148103 https://beta.my.umbc.edu/api/v0/pixel/news/147530/guest@my.umbc.edu/0b9728621d8f27afc862cd897158196f/api/pixel phishing IT Security - DoIT Cybersecurity Assurance and Digital Trust https://beta.my.umbc.edu/groups/itsecurity https://assets2-beta.my.umbc.edu/images/avatars/group/7/xsmall.png?1776441867 https://assets2-beta.my.umbc.edu/images/avatars/group/7/original.png?1776441867 https://assets2-beta.my.umbc.edu/images/avatars/group/7/xxlarge.png?1776441867 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xlarge.png?1776441867 https://assets1-beta.my.umbc.edu/images/avatars/group/7/large.png?1776441867 https://assets2-beta.my.umbc.edu/images/avatars/group/7/medium.png?1776441867 https://assets2-beta.my.umbc.edu/images/avatars/group/7/small.png?1776441867 https://assets2-beta.my.umbc.edu/images/avatars/group/7/xsmall.png?1776441867 https://assets3-beta.my.umbc.edu/images/avatars/group/7/xxsmall.png?1776441867 IT Security - DoIT 7 0 false Fri, 21 Feb 2025 09:37:54 -0500 Fri, 21 Feb 2025 09:38:22 -0500