...
When users click the link "Open Message" it brings them to fake Bethel log-in page designed to collect usernames and passwords which looks like this:
For Bethel University-affiliated web sites, during authentication, you will see in your browser "auth-prod.bethel.edu" as part of the URL.
We are working on determining how many accounts might have been compromised at a result of this phishing attempt and cleaning those up with our impacted community members've blocked this fraudulent link on our network and on employee computers, however if you are on a personal computer or off our network, the link could still work for you.
If you've entered your credentials already, we strongly recommend immediately changing your password through iam.bethel.edu.
For employees, be mindful of any multi-factor authentication (DUO) prompts you may receive that you didn't initiate. You can report fraudulent log-in attempts through the DUO application as well.
Please be mindful of emails that "just don't look right" and be careful not to click on links or enter your Bethel credentials based on email you are not immediately familiar with.