We have recently received the report of a phishing email which appears to be sent on behalf of the CUHK Library. The hyperlink inside the message actually points to a malicious web page which appears to be gathering CUHK Login passwords from the victims who visited the link.
The content of the email was as follows,
Dear Library User,
Our records show that your access to CUHK Library System is about to expire. Due to security precautions established to protect University Libraries System, you have to renew your library account on a regular base, so please use the following link
sts.cuhk.edu.hk/authn/redirect/libraries/access/ reactivation .htm
After your successful authentication, your access will be restored automatically and you will be redirected to the library homepage. If you are unable to log in, please contact the library help desk for immediate assistance. We apologize for any inconveniences this may have caused.
Chinese University of Hong Kong
Sino Building, Chung Chi Rd, Sha Tin
libraries @ cuhk.edu.hk
If you have received the above phishing email, please note the followings and take action promptly.
- If you have clicked on the link, and typed your password in the fake CUHK Login webpage, your CUHK account is already compromised.
Please change your OnePass (CWEM) password immediately on a virus-free device.
- Scan your device with anti-virus software and also make sure that your devices have the latest system patches updated.
Please refer to ITSC’s guidelines on how to identify and handle suspicious emails :
Please also refer to security alerts and samples of phishing emails published by ITSC :