One client reports that he saw this pop-up when accessing UD Parking Services:
If you see this pop-up, exit your browser.
This spear-phishing attack is imitating a message from the UDel Federal Credit Union and it is targeting individuals who were affected by the UD security breach.
The pop-up will not let you access any other Web sites until you have provided all the information it asks for. If the pop-up appears, do not fill out your information. Exit your browser.
The University of Delaware will never ask you to provide any private information through email or pop-ups.
Email messages have been circulating that claim to be sharing a secure Google document in your Google Docs. Even though this phish only affects Gmail and Google Apps@UDel.edu users, the page will ask you for any email information from other providers.
Everyone who uses Gmail and Google Apps @UDel.edu can be a target of this phishing attack.
Nakedsecurity.sophos.com has more details on this Google Docs phishing attack.
The morning of July 30, UD announced its response to an IT security breach that put the confidential information of approximately 72,000 current and past employees, including student employees, at risk.
Unfortunately, cyber criminals also took notice of UD’s response and began sending targeted phishing email messages to UD email addresses.
Important points to remember
UD email continues to receive a steady stream of phishing email, most of it in the form of email that pretends to be from a reputable company, including stolen logo images, with links that do not take you to the company’s Web site.
For example, in this “eFaxCorporate” scam that has been going around the Internet for several months, a UD email list receives a message that you have received a fax and you should click this link to retrieve said fax. As the screenshot below indicates, if you hover your mouse over the link, you’ll see that the link takes you someplace you don’t want to go–a pharming site to harvest your information!
If you hover your mouse over the alleged efaxcorporate link, you’ll see that if you were to click it, you’d go to a pharming site in Brazil. (Click the small image to see a full size screenshot.)
More information about the eFaxCorporate scam:
UD will never send out email like the message below. Besides, look where the log in link goes!
Just delete it.
UD Header bar does NOT make this a legitmate message.