Phish Files
Abstract Aliens On Flying Saucers Northern Lights Lighthouse Mountains Water Tree Sun Background Gradient Unidentified Flying Object Ufo Stars Vector Design Style Landscape
Phish Files
April 18, 2025

Fake Login Pages Targeting College Campuses

Posted in: News

Breaking News image of a fish in a fishbowl in space

Phishing scams are increasing, and college students and staff are being targeted with fake login pages. Scammers create websites that look like university portals to steal login details. Here’s what you need to know.

How the Scam Works

  1. Fake Emails: You get an email claiming to be from your university, saying:
    • There’s an issue with your account.
    • You need to verify your login immediately.
    • Your account is about to be deactivated.
    • A link is provided to a fake website.
  2. Fake Websites: These sites look like real university login pages but are designed to steal your username and password.
  3. Stolen Data: Once scammers have your login details, they can access sensitive information, send phishing emails, or steal financial aid funds.

Why Students and Staff Are Targeted

  1. Trusted Emails: People trust emails that look like they’re from the university.
  2. Valuable Accounts: Campus accounts contain personal, academic, and financial information.
  3. Large Groups: Campuses have thousands of potential victims.

Signs of Fake Login Pages

  • Unusual Emails: Emails about account issues you didn’t expect.
  • Suspicious Links: Hover over links to see if they go to the official university website.
  • No Security Features: Fake sites often lack “https” or a padlock icon.
  • Generic Messages: Emails with no name or with grammar mistakes.
  • Urgent Warnings: Messages that pressure you to act fast.

How to Stay Safe

  1. Verify Emails: Please send any malicious emails you have received to phishfiles@montclair.edu or by clicking the Knowbe4 Phish Alert Button (PAB)
  2. Avoid Clicking Links: Go to the university’s website by typing the URL yourself
  3. Enable 2FA: Use two-factor authentication for extra account security
  4. Check URLs: Make sure the website address is correct before logging in
  5. Report Scams: Using the Knowbe4 PAB button or by forwarding the email to phishfiles@montclair.edu

Want to Know More?

HackRead | Hackers Using Fake Microsoft ADFS Login Pages to Steal Credentials

Security Magazine | Fake login pages are spoofing the world’s largest brands – Where does it end?

McAfee | How to Spot Fake Login Pages