Newsflash

Wasup, a new tool which allows users to create instances of popular web services, is now available for all faculty and staff. (Note: the only services currently available are Drupal and MediaWiki)
 
powered_by.png, 1 kB

Latest Edits

Popular


Home arrow SIC News arrow February 2009 arrow Recent and ongoing phishing attempts
Recent and ongoing phishing attempts PDF Print E-mail
Written by John Lockard   
Friday, 06 February 2009

We're seeing another batch of phishing attacks.  (or should that be phishing expeditions?).  If you aren't familiar with the term 'phishing', it's the practice of trying to get you to give up personal, private information so it can be used for someone else's benefit, usually your detriment.  Phishers will usually try to get computer accounts and passwords and/or personal information such as bank account information or other personal information.

The more information you give to the phisher, the more they can do with it.  They could take over your email account, your bank account, or even get a new credit card or other account(s) tied to your name, address, driver license and social security number.  All-in-all, this is bad.

At the University, there is no reason for ANYBODY to have your password.  Nobody.  In the case of the email attached below, they're telling you that they need your information to verify that your account should remain active.  Realistically they shouldn't need any more information than "Yes, please keep my account active", as they already have your name and uniqname.  Also in the email below, they tell you they'll be assigning new passwords to accounts.  Why, then, would they need your current password?  They wouldn't.

Please remember to keep yourself safe by keeping your personal, private information safe.

Here's the most recent example of a phishing email:

Dear @umich.edu Account User,

We want to notify all our subscribers about the phishing scam mails sent
out to them. We have lately tried to upgrade our server to facilitate our
control over such mails and we will be assigning a new password to all
subscribers. This upgrade will commence on the 7th of February 2009. You
are advised to forward the following information to us because you will be
assigned a new password from the information we receive from you. Feel the
following and get back to us for your upgrade.

Name :.....................( Optional)
Surname :..................( Optional)
Date of Birth :............( Compulsory)
Username :.................( Compulsory)
Password :.................( Compulsory)
Server :...................( Compulsory)
Telephone Number :.........( Optional)

To verify if your account is still valid or has been suspended, login to
this site and send to us the required information:
https://[URL REMOVED BY SI COMPUTING]/login.php

We are really sorry for the inconvenience but we have to keep you safe
from scams. All you have to do is Click Reply and provide the information
required above, your account will not be interrupted and will continue as
normal.

NB: Subscribers that don't take this message serious may lose their
E-mail account permanently.

Have a nice day and God bless.

@umich.edu Helpdesk Service
 
[ Back ]
© 2009 The Home of the School of Information Computing Group (SI.Computing)
Joomla! is Free Software released under the GNU/GPL License.