We have observed an aggressive phishing campaign that has been targeting Denison over the past several weeks. This campaign has included multiple messages sent by different means, but all messages attempt to get a user to click on a link and input account credentials, such as usernames and passwords.
In this campaign, we have noticed impersonation of Denison accounts, including the Service Desk. This campaign includes a link or button that goes to a malicious webpage. We have observed the following domains.
- vdgmentorias[.]com
- du[.]vdgmentorias[.]com
Denison will never ask for your password by email, by Google Form, or by calling. If you receive such a message, please forward it to our reporting mailbox at isitsafe@denison.edu. If you have accidentally interacted with a message or think you might’ve sent credentials, immediately contact the Service Desk.