Phishing Alert: Baylor Student Faculty Relations

Overnight and through the morning hours of June 12, 2025, many Baylor faculty and staff received a message purporting to be from "Baylor Student Faculty Relations" indicating that "an anonymous concern has been submitted regarding an observation during one of your recent lectures."

Conscientious Baylor faculty who received this message clicked the "Review Anonymous Report" link, which leads to a page that mirrors Baylor's Duo login screen. Then, they dutifully entered their Bear ID and password and responded to a Duo Push notification. This has allowed untoward actors to harvest usernames and passwords, receive successful Duo verification from users, and then leverage Baylor email accounts to further spread the phishing email using Baylor email addresses.

• If you see this message, know that it is not from Baylor officials and delete it. Click here to see a sample message.
• Of course, if you receive this message, do not click the "Review Anonymous Report" link and provide your Baylor credentials.
• Duo Push or Verified Push requests happen immediately after you enter your Bear ID and password. If you did not enter your Bear ID and password into a Duo-based system, do not accept the Duo Push or enter a provided code into a Duo Verified Push request. Hit "Deny" and the incident will be reported to Baylor's cybersecurity team.
• Please note that the subject of this message and its content may vary. With unmarked messages like these that raise personal concerns and prompt an immediate response, it is always beneficial to verify the message with colleagues and relevant administrators before responding.

If you believe that you or someone you know read this message, clicked the link, and entered a Bear ID and password, please contact HelpDesk+ either in person on the main floor of Moody Library, by calling (254) 710-4357, or by messaging us using HelpDesk+ Chat at helpdeskplus.web.baylor.edu.