Archive for the “Spear Phishing” Category

One client reports that he saw this pop-up when accessing UD Parking Services:

If you see this pop-up, exit your browser.

This spear-phishing attack is imitating a message from the UDel Federal Credit Union and it is targeting individuals who were affected by the UD security breach.

The pop-up will not let you access any other Web sites until you have provided all the information it asks for. If the pop-up appears, do not fill out your information. Exit your browser.

The University of Delaware will never ask you to provide any private information through email or pop-ups.

Comments Comments Off

Email messages have been circulating that claim to be sharing a secure Google document in your Google Docs. Even though this phish only affects Gmail and Google users, the page will ask you for any email information from other providers.

Everyone who uses Gmail and Google Apps can be a target of this phishing attack. has more details on this Google Docs phishing attack.

Comments Comments Off

The morning of July 30, UD announced its response to an IT security breach that put the confidential information of approximately 72,000 current and past employees, including student employees, at risk.

Unfortunately, cyber criminals also took notice of UD’s response and began sending targeted phishing email messages to UD email addresses.

Important points to remember

  • UD email systems (Google Apps at UD, UD Central Exchange, departmental email servers) were not affected by this security breach. Any email you receive about a problem with your email account or asking you to upgrade your email account because of “the recent security incident” is a phishing attempt, trying to get you to provide your personal information to a cyber criminal. Delete such messages.
  • No one from the University, Kroll Advisory Solutions or any other reputable organization will contact you to request your personal information. If you have been affected by the July 2013 breach at UD and choose to register for credit monitoring with Kroll Advisory Solutions, you will need to provide Kroll Advisory Solutions with your personal information. But Kroll staff will not contact you and ask for that information. You will provide that information at their Web site or on a paper form that they provide you.

    It is also likely that some telephone scams like those we’ve discussed before will try to take advantage of this situation. Do not give out any personal information in response to any unsolicited phone call.

Comments Comments Off

UD email continues to receive a steady stream of phishing email, most of it in the form of email that pretends to be from a reputable company, including stolen logo images, with links that do not take you to the company’s Web site.

For example, in this “eFaxCorporate” scam that has been going around the Internet for several months, a UD email list receives a message that you have received a fax and you should click this link to retrieve said fax. As the screenshot below indicates, if you hover your mouse over the link, you’ll see that the link takes you someplace you don’t want to go–a pharming site to harvest your information!

Fake eFaxCorporate phishing email

If you hover your mouse over the alleged efaxcorporate link, you’ll see that if you were to click it, you’d go to a pharming site in Brazil. (Click the small image to see a full size screenshot.)

More information about the eFaxCorporate scam:

Comments Comments Off

UD will never send out email like the message below. Besides, look where the log in link goes!

Just delete it.

UD Header bar does NOT make this a legitmate message.

UD Header bar does NOT make this a legitmate message.

Comments Comments Off