Archive for the “Pre-Phish” Category

Over night, UD inboxes were flooded with email like the one shown below:

Spam message from "weavespace.com"

Spam message from "weavespace.com"

Don’t follow the link. Don’t “sign up.” Do delete the message.

A quick Web search shows that other schools (UCLA, Michigan, and Penn, for example) have seen similar spam on their campuses. No one reports this as a “phishing scam.” We think it’s an attempt to harvest email addresses for a spammers’ database or, at worst, a pre-phish.

If this spam is tied to a phishing scam, the scammers may be counting on you signing up for this “UDel collaborative space” [sic] using the same password you use for your real UD account, another account, or your computer. In short, it may be an attempt to harvest an account and password for later attempts at identity theft, fraud, or bot attacks.

Our advice:

  1. Delete the message.
  2. Do not follow the link or sign up for the “service.”
  3. Practice safe password management. Specifically, don’t use your UDelNet password on other services.

Comments 2 Comments »