Keep your LLUH password unique from personal accounts

Loma Linda University Health continues to experience waves of internal phishing attacks. Many of you submit these phishing emails to us — thank you for doing so. Your submissions help us to immediately analyze the phishing emails and stop them from spreading.
We have observed that these phishing attacks typically occur because an LLUH account owner reused the password of a personal account that was involved in a data breach. Cyber-criminals use that stolen password to sign on to the LLUH email account, trick the account owner over the phone or by text message into responding to the Multi-Factor Authentication (MFA) prompt, and then send the phishing email from that account.
Here’s an example of a text message that was correctly ignored.

If your account is the one being used to send the phishing email, it’s likely that the attacker was able to obtain your password and your MFA’s one-time passcode (OTP) or Push-to-Accept request. Please reset your password immediately!
Important reminders:
- Stating the obvious: keep your password a secret; do not share your password with anyone else. Your acknowledgement of this is recorded when you electronically sign the Acceptable Use Agreement at our password reset portal here.
- Use different passwords for your LLUH account and your personal accounts; do not use your LLUH password for your personal accounts (e.g., social media, financial, utilities, etc.).
- Only respond to an MFA request when you are actively signing on to a system; do not respond to unsolicited MFA requests.
- Information Services or Microsoft would never call or text you to ask for your password or MFA response.
Please continue to submit suspicious emails by using the “Report Suspicious” button in your Outlook menu as shown below:

If you do not see the button, call the IS Service Desk at ext. 48889 to request that it be installed on your PC. In the meantime, you may submit suspicious emails to emailabuse@llu.edu.
Here are some tips about phishing attempts being sent internally from @llu.edu:
- Pause and think before clicking on any links or attachments in messages, even if they are from people you may know.
- Were you expecting such a message from them? Do they typically send such messages to you?
- Look for spelling, grammatical, and formatting errors in the message — a combination of these errors is a sure indicator of a phishing email.
- When uncertain, you may contact the sender directly at their published phone extension in our directory to verify whether they sent the message.
- Alternatively, report the suspicious email to IS Security for further analysis, as described above.
You will find more guidance on staying cybersafe at the LLUH IS Security website on One Portal.
Additionally, please visit the LLU IT blog to see updates about phishing scams.
For any questions, please contact infosecops@llu.edu.
Thank you for your help in keeping Loma Linda University Health cybersafe.
