Wave of phishing messages in FF users' inboxes

Once again we are facing a wave of phishing emails in our users' mailboxes - most often they were sent to alias addresses (i.e. they were sent to all recipients that fall under the given aliases). The attacker here asks to change the password to avoid blocking the mailbox. Again, there is an urge to persuade the user to open the link and enter their login details. If you have received this email, please do not respond to it, forward it to csirt@muni.cz and delete it. A sample of this email is attached in the screenshot below.

If you have clicked on the link and entered your details, please change your password in IS. If you no longer have access to your account, please contact our engineers immediately via the request form.

Thank you.