Archive for September, 2013

A phishing attack with the subject line “Important Message About Your University of Delaware Account” has been seen in UD email boxes.

The message looks similar to the following:


From: University of Delaware
Date: Tue, Sep 17, 2013 at 7:34 AM
Subject: Important Message About Your University of Delaware Account
To: webaccount@udel.edu

Dear,

We regret to inform you that recently we are unable to verify your webmail account with us

We therefore implore you to confirm your webmail details by clicking our secure site link below

https://www.udel.edu

To avoid permanent webmail account suspension

Thank you.

University of Delaware


This message is clearly a scam because the email is not addressing a specific person and there are no punctuation marks. Most importantly, it is asking you to change your email information by clicking a link in the message.

The University of Delaware will never ask you to change your email or account information through a link in an email.

Comments Comments Off

A phishing attack with the subject line “FACULTY/STAFF/EMPLOYEE MAIL SUSPENSION” has been seen in UD email boxes.

The message looks similar to the following:


From: Regina Austin raustin@waketech.edu
Date: Tue, Sep 10, 2013 at 6:02 PM
Subject: FACULTY/STAFF/EMPLOYEE MAIL SUSPENSION
To:

Dear Webmail Subscriber

Your Email Account have been Suspended from sending and receiving email,to
re-validate your account,please click here

http://unread-msg.co.uk/

Thank you!
ITS Web Team

Email correspondence to and from this address may be subject to the North Carolina Public Records law and may be disclosed to third parties by an authorized state official (NCGS. ch. 132). Student educational records are subject to FERPA.


Email messages like this are a scam and should be deleted. How do you know it is a scam?

  • It is not sent from a UDel account.
  • It is allegedly from a school in North Carolina and not Delaware.
  • It is referring to “Webmail Subscriber” instead of a specific person.
  • The “s” in suspend is capitalized.
  • There is no space between the comma and “please”.
  • The link sends you to a United Kingdom Web site.
  • It is from ITS Web Team and not IT Support center.

The University of Delaware would never ask you to re-validate your account, especially not through a poorly written email allegedly from North Carolina with a link to a United Kingdom Web site.

Comments Comments Off

One client reports that he saw this pop-up when accessing UD Parking Services:

2013-09-09_1342
If you see this pop-up, exit your browser.

This spear-phishing attack is imitating a message from the UDel Federal Credit Union and it is targeting individuals who were affected by the UD security breach.

The pop-up will not let you access any other Web sites until you have provided all the information it asks for. If the pop-up appears, do not fill out your information. Exit your browser.

The University of Delaware will never ask you to provide any private information through email or pop-ups.

Comments Comments Off

An email with the subject “Search for Missing Children” is a phishing attack that claims it is from the National Center for Missing and Exploited Children.

In the email there is a .zip attachment that contains three malicious files that will infect your computer. Do not download the attachment or click any links in the email.

US-CERT has more information regarding this phishing attack.

Comments Comments Off

Email messages have been circulating that claim to be sharing a secure Google document in your Google Docs. Even though this phish only affects Gmail and Google Apps@UDel.edu users, the page will ask you for any email information from other providers.

Everyone who uses Gmail and Google Apps @UDel.edu can be a target of this phishing attack.

Nakedsecurity.sophos.com has more details on this Google Docs phishing attack.

Comments Comments Off