Archive for October, 2013

We had several reports of this phishing message showing up in UD inboxes this morning. One alert student sent us this screen shot off her cell phone:

Don't fall for this phishing scam!

Click image to see full-sized version.

Others reported seeing message headers spoofing an email address at UD: “officemail@udel.edu” [sic].

If you click the link in the message identified as “www.udel.edu,” it will take you to a pharming site designed to harvest your UDelNet ID and password–they stole the graphics from Google Apps at UD’s login screen. But the URL is NOT a UD URL!

Check the URL before you provide your info!

Check the URL before you provide your info! (Click the image to see a full-sized version.)

Even though the graphics are a near perfect match, the scammers’ URL is clearly NOT a valid udel.edu URL: http://www.bistrotbuffet.com.br/plugins/2udel3.edu.htm

Yeah, right. Like we’re doing our tech support from a Bistro-Buffet located in Brazil.

If you did fall for this scam, log in to the UD Network page to change your UDelNet password immediately. If you are unable to change your password, contact the IT Support Center at (302) 831-6000 or by submitting an ITSC Help Request form.

Think B4 U Click!

Comments Comments Off

A recent string of “send me a loan” phishing scams are appearing in UDel inboxes. The email looks like it is from a distressed friend or family member.  The scammer will engage in a conversation leading up to them asking you to wire  money through a bank or Western Union.


Click smaller image for a larger version.

After the distressing and grammatically incorrect message, scammers sometimes provide the information you need in the original email and wait for you to wire them money:


You can have the $2,250 dollars. wired to me via Western Union. Have it wired to my name and present location, here are the details you need to have it wired to me..

Receiver’s Name: Karen Morgan
Location: 58,Mary cris crecent,quezon city,
Country: manila,Philippines

Once you are done Kindly e-mail me the Confirmation details (MTCN) for the pick up of the funds.

Let me know when you head out to Western Union??


A scammer can hijack someone’s email account and steal their address book. Using that address book, the scammer will send “send me a loan” messages to people in the victim’s address book using a similar email address that is usually only a character off the original. An Example of a stolen email account is if someone uses jondoe1234@yahoo.com, then the scammer will make the fake account jondoe11234@yahoo.com or jondoe1234@live.com.

When you see these messages  make sure you verify it is the person before sending money. Asking a personal question or contacting the person and people they know are good ways to catch the scammer.  And, as always, never send any personal information over an email.

 

Comments Comments Off

Do you know Gillian and Adrian Bayford? You should since they offered you 1.5 million dollars. It seems too good to be true, right?

Here is the email message:


Click smaller image for a larger version.

Unlike scams that rely on phishing sites, this one links to a legitimate Web site to gain credibility so that you will reply to the email. Do not reply and never include any personal information in an email, especially to unfamiliar senders that do not know your name like this one:


Click smaller image for a larger version.

There are a few other problems with this email:

  • The message claims to know your email address, but it is sent to “recipients”.
  • The Google Management Team would never submit your email address to anyone.
  • There are grammar errors everywhere.

Comments Comments Off

Have you ever received 14 job offers in 24 hours? Chances are, the answer is “no”.


Click smaller image for a larger version.

They are clearly scams without even opening the email. The first line of each email starts with “We have an opening” or “While welcoming you to this hiring process”. Different people would not send identical email messages to your Google Apps @UDel.edu  account about career opportunities, especially if you did not submit any applications.

Here is an example of one of the email messages:


Click smaller image for a larger version.

There are a few things in the message that proves it is a phishing scam:

  • The email is asking for personal information.
  • There are grammar errors.
  • Your name is not in the message.
  • The message does not mention a specific position or company.
  • If you did not apply for anything, why are they offering you a job?

Comments Comments Off