Archive for April, 2012

UD will never send out email like the message below. Besides, look where the log in link goes!

Just delete it.

UD Header bar does NOT make this a legitmate message.

UD Header bar does NOT make this a legitmate message.

Comments Comments Off

Over night, UD inboxes were flooded with email like the one shown below:

Spam message from "weavespace.com"

Spam message from "weavespace.com"

Don’t follow the link. Don’t “sign up.” Do delete the message.

A quick Web search shows that other schools (UCLA, Michigan, and Penn, for example) have seen similar spam on their campuses. No one reports this as a “phishing scam.” We think it’s an attempt to harvest email addresses for a spammers’ database or, at worst, a pre-phish.

If this spam is tied to a phishing scam, the scammers may be counting on you signing up for this “UDel collaborative space” [sic] using the same password you use for your real UD account, another account, or your computer. In short, it may be an attempt to harvest an account and password for later attempts at identity theft, fraud, or bot attacks.

Our advice:

  1. Delete the message.
  2. Do not follow the link or sign up for the “service.”
  3. Practice safe password management. Specifically, don’t use your UDelNet password on other services.

Comments 2 Comments »

Last week, the LearnIT Express webcast was called “Phishing Blues.” It ran about 12-13 minutes, included annotated examples (and discussion) of some of the scams seen at UD, and some suggestions for what to do if you fall for a phishing scam or submit personal information at a pharming site.

It is available for viewing on demand.

Comments Comments Off

Congratulations, UD colleagues. You’re starting to catch more and more phishing scams without help from IT or your departmental IT professional!

Today we’ve had multiple reports about this fake PayPal notice:

The latest fake PayPal phishing scam.

PayPal is NOT going to send a notice like this to a visible mailing list. Do you know how to recognize this scam?


Just like some of the other scams we’ve seen lately, this one looks good at first, but in about 5 seconds you should be able to tell it’s a scam:

  1. The large payment amount is supposed to send you into a panic so you just click one of the links in the message to investigate.
  2. The message is sent to multiple email addresses. And you can see those addresses. Some of the phishing scam boiler rooms have been sending out a lot of phishing spam with this trait. PayPal, American Express, Banks, credit card companies, merchants, and other legitimate entities will never reveal customer email addresses to other customers.
  3. The links in the message do not go to a valid PayPal site. If you see a message like this one, hover your mouse over a link before you click. See where it goes.

    You’re always safest to not click links in a message like this one. If you want to check to see if this is a valid notification, it’s much safer to log into your PayPal account using the standard URL you know and trust.

See a message like this one? Just delete it.

Comments Comments Off

The folks in UD’s Development Office report receiving a phone call that could be a variation on the phone support scam we mentioned last month.

I just received a telephone call from a man who claimed to be “Tom Collins,” with UD Business Solutions. He said his boss asked him to call me to get the serial number from my laser deskjet printer. I looked at the caller ID and it showed “PRIVATE NUMBER”, so I asked him if he was a UD employee. When he replied “yes,” I asked for his boss’s name and phone number saying that I would call him back. He then hung up on me.

This employee recognized that this phone conversation could have been the beginning of a scam support call. She knew not to give out serial numbers or confidential information to an unknown caller. Nice move asking for the phone number to call back!

Comments 3 Comments »