To all users with a greatplainsumc.org email account,
A spam email is being used to harvest username and password credentials and hack into users’ accounts.
The spam email indicates there is a document hosted by Microsoft that you need to retrieve by clicking a link. Clicking the link takes you to a website where there are several options to authenticate and retrieve the document: AOL, Office 365, Outlook.com, Google, etc.
Logging in with one of the listed methods does not give you access to the document. Instead, the hackers who sent the email now have your login credentials to the authentication method used to retrieve the document.
If you receive this email, delete it immediately and notify the sender their account has been hacked. Notify the sender by sending a “new” email. DO NOT FORWARD THE SPAM EMAIL, AS IT WILL BE BLOCKED BY THE EMAIL SERVER. The email server is currently blocking the proliferation of the spam email.
If you have clicked the link and logged in with your credentials, your account has been hacked.
Depending on the method used to authenticate, the hackers will send out the spam email using your login, making it appear to the recipient the email was legitimately sent by you.
Of course, the hackers now have full access to your email account and any other logins you might be storing there: HSA accounts, bank accounts, etc.
It is vitally important that if you entered any login credentials after clicking the link in the spam email that you reset your password for that account immediately.
If you entered your Great Plains Conference email account login credentials to retrieve the spam document, then use the link below to reset your password. You can also contact the Clergy Email Helpdesk at 1-877-365-6087 for assistance with resetting your Great Plains Conference email password.
https://support.office.com/en-us/article/video-change-your-office-365-for-business-password-df48c24e-d036-4d72-987f-b6197f618619
Thank you.
Resources