Author Archive

As the holiday season approaches, scammers are taking advantage of everyone’s festive mood. A very enticing phishing attack is claiming to give out free store vouchers for holidays, if you fill out a form. There is an embedded link in the email that supposedly leads you to a validation page, but instead leads to a phishing site. Net-security has more information on this voucher scam.

Do not fall for the holiday scams. If it is too good to be true, it probably is. Never give out your personal information over email. And, especially during the holiday season, make sure to double check all URLs when you are doing financial transactions. It is always safer to manually enter the URL.

For more information on other holiday related scams check out ITbuisnessedge and the UD phishing blog.

Comments Comments Off

A phishing attack that targets cell phones has been reported. A scammer will send you a brief, but urgent text message telling you to call the listed number:


Click the smaller image for a larger version

When you call the number, the scammer tells you that your bank account has been frozen due to suspicious activity and promptly asks you for your social security number. Do not give them your social security number!

Other people have been getting the same text scams from the same phone number. Look what happens when you Google the phone number:


Click the smaller image for a larger version

The phone number clearly does not belong to a legitimate credit card company.

Remember, never give your social security number or any personal information to anyone over the phone, especially if you are directed to their number via text message.

Comments Comments Off

Paypal’s “ID Review Department” is trying to get your personal information again.  This time, the scammers  have created a very sophisticated pharming site, but the email message is still a classic example of a phishing scam:


Click smaller image for a larger version

The pharming site may look like Paypal, but check the URL:


Click smaller image for a larger version

There are several errors in the email message that indicate it is a phishing scam:

  • If you hover over the link, it does not lead to Paypal.
  • There are several grammar errors in the message.
  • ID Review Department is seen in other Paypal scams.
  • The message is not sent from Paypal.

And, just like any legitimate online business, Paypalwill never ask you to change your personal information over an email message. If you have any doubts about your personal information’s privacy, call the company or manually type the URL in the address bar.

Comments Comments Off

The UD VoIP system has a feature that allows its users to forward voicemails to email. However, before it can be functional, UD staff must personally request this feature be set up by Telephone Services–it is not automatic. If you have not requested this feature be set up, and you receive a voicemail in your inbox, it is a scam.

Scammers are trying to take advantage of this feature and are starting to send malware, disguised as voicemail, to infect your computer.

The same method can get you to reveal personal information. Even if you do not download any files, simply responding to the message with a call or email can reveal enough information to scam you.

Here are some things to look out for when you have a voicemail in your inbox:

  • You need to sign up for this feature. If you did not ask for this feature and received voicemails in your inbox, it is a scam.
  • Messages are sent from UNITY@udel.edu.
  • Unity does not send group messages.
  • Attachments from Unity are .wav files, not .zip files.
  • Be aware of “Unknown Caller.” Usually there will be a name or “wireless caller.”

Comments Comments Off

There have been several email messages using  phishing style attacks to scam you. Even though these two messages look different, they are trying to scam you in the same way:


Click on the image for a larger version

This message is using the traditional phishing scam approach. There are several discrepancies that make it a scam such as the terminology, “your email address seems infected.” However, instead of getting you to click on a link, they are trying to get you to call a number.


Click on the image for a larger version

This message is using a spam technique. Once again, there are no links to click on, you have to call a number.

Notice anything familiar about these messages? They list the same phone number, despite being from different companies. Instead of traditional phishing and spam scams, that want you to click a link, these messages want you to call a phone number. The phone numbers all go to a scammer and that is how they will get you.

Now that students, employees and faculty are becoming more adept at spotting the obvious phishing scams, scammers are changing their social engineering tactics. The scammers will talk to you or reply to your messages so you feel more sympathetic towards them and become more inclined to give them money or personal information.

Comments Comments Off