KnowBe4, the organization that posted info about this scam, warns college students to be on the lookout for these potential variations in the subject line of the phishing email:
- IT DESK: Security Alert Reported on Campus
- IT DESK: Campus Emergency Scare
- IT DESK: Security Concern on Campus Earlier
Always, always be wary of any unexpected email that leads you to provide a user name and password. If you do inadvertently click such a link, look at the full web site URL in the address bar of your browser before typing anything. In this case, if the URL doesn't have "microsoft.com" in it, then you know it's a fake.
In fact, it is best to always check the URL before typing in your credentials anywhere on the world wide web. Is the domain name correct? Is the prefix "HTTPS" (not "HTTP"), which shows you that the information you type is secure? If not, leave that site without interacting with it.
For the story, see http://www.prweb.com/releases/2018/04/prweb15410086.htm.