Phishing Alert: Attackers Steal Mailing Lists Using Mailchimp
Stanford University’s Information Security Office (ISO) is alerting the community to a recent series of attacks targeting Mailchimp users. Take a moment to review the details of this scam to help spread awareness.
What is the scam?
- The attackers send convincing phishing emails with Mailchimp branding that often claim issues with account status or spam complaints.
- The emails contain links to fake Mailchimp login pages where users are prompted to enter their login credentials.
- Once a user submits their credentials on the fake page, the attackers use them to log into the official site and download the victim’s mailing lists, including subscribed and unsubscribed users, as well as demographic and usage data.
What to do if you suspect a phishing attempt
Be wary of any emails claiming to be from Mailchimp, especially those creating a sense of urgency and requesting login credentials. Always check the sender’s email address closely and be cautious about clicking links or downloading attachments.
When in doubt, avoid clicking links in emails. Instead, type the organization’s trusted website URL into your browser and log in there. Then check whether your account shows any alerts like the one the email described.
Use a password manager to securely store and auto-fill your login credentials. If your password manager doesn’t auto-fill as expected on a website, it could be a sign that the site is fraudulent or part of a phishing attempt. Not using a password manager? University IT offers Dashlane, a free password manager for faculty, staff, and students.
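The domain matching behind the auto-fill tip above, as an added example (not part of the original alert and not any password manager's actual code): a simplified model that fills only when the page's hostname is the saved domain or a subdomain of it. The saved domain `mailchimp.com`, the function names, and every sample URL are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

SAVED_DOMAIN = "mailchimp.com"  # assumption: the one domain saved with this login

def page_host(url):
    """Return the ASCII hostname the browser would connect to, or None."""
    try:
        parts = urlsplit(url.strip())
        host = parts.hostname  # drops any "user@" prefix and ":port" suffix
    except ValueError:
        return None
    if parts.scheme != "https" or not host:
        return None  # no fill on non-HTTPS pages or URLs without a host
    try:
        # Internationalized names become "xn--" punycode, so look-alike
        # characters can no longer pass for ASCII letters.
        return host.rstrip(".").encode("idna").decode("ascii").lower()
    except UnicodeError:
        return None

def would_autofill(url, saved_domain=SAVED_DOMAIN):
    """True only if the host is the saved domain or a subdomain of it."""
    host = page_host(url)
    if host is None:
        return False
    return host == saved_domain or host.endswith("." + saved_domain)

# Constructed sample URLs; the .example hosts are placeholders.
SAMPLE_URLS = [
    "https://login.mailchimp.com/",
    "https://mailchimp.com.account-review.example/login",
    "https://mailchimp.com@signin.example/",
    "https://mailchimp-support.example/",
    "https://mailch\u0456mp.com/",
    "http://login.mailchimp.com/",
]

if __name__ == "__main__":
    for url in SAMPLE_URLS:
        print("fill " if would_autofill(url) else "BLOCK", ascii(url))
```

Only the first sample is filled. The others put the brand name somewhere other than the registered domain, swap in a look-alike character, or drop HTTPS, which is why a missing auto-fill is worth treating as a warning sign.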
If the sender’s contact information or other details of the request point to a possible phishing attempt, report the message. Reporting allows the university’s Information Security Office (ISO) to evaluate the threat and minimize harm to the Stanford community.
Learn more
- Learn how to recognize, report, and stay vigilant with the Stay Safe From Phishing Scams Guide.
- Opt into URL Defense to make your email safer.
- Find more IT security news, resources, guides, policies, and education at security.stanford.edu.
- Reach out to ISO to request help.
DISCLAIMER: UIT News is accurate on the publication date. We do not update information in past news items. We do make every effort to keep our service information pages up-to-date. Please search our service pages at uit.stanford.edu/search.