Update on Phishing Hack

University Unitarian Church was recently made aware of an attempt to coerce visitors to our website into installing malicious software on their mobile devices. This was a result of non-HTTPS URLs being hijacked by a third party so pop-ups could be displayed with bogus links. After a thorough review of our hosting servers and our WordPress installation by UUC’s IT vendor, the missing security configuration was located and corrected to resolve the issue. The fix has been rolled out and tested on multiple devices, platforms, and browsers. It should be completely updated world-wide by Wednesday morning.

If you experienced this pop-up behavior on your phone or tablet over the past two weeks and believe you may have clicked a malicious link (the reported links were for downloading VPN software and another was a spoof of the familiar “I am not a robot” prompt seen on many websites), you should consider having your phone evaluated by your mobile phone retailer to eliminate any suspicious software that may have been installed. This can be done at a local carrier store or the Apple Store for iOS devices.

If you have further questions or additional concerns, please contact Byron Krystad at the church office.