Phishing attack - Message appears to come from Uleth.ca

On Nov 19, 2012 the University was attacked by multiple sources with a convincing phishing email.  There were hundreds of recipients who received the text below:

 

From: Admin-Uleth.Ca [mailto:noreply@uleth.ca]

Sent: Monday, November 19, 2012 2:02 PM

Subject: Uleth.Ca

 

Dear Email User!

Your mailbox has exceeded the set quota limit. You may not be able to send or receive new mails effect from on the 23rd of November 2012, until you upgrade/increase your quota limit.

Click the following link:  hxxp://crm-accountupgrade.net.ms/  and input the vital information to increase your quota limit.

Thank you for your co-operation.

Admin-Uleth.Ca

Website: www.uleth.ca

University of Lethbridge

4401 University Drive, Lethbridge, Alberta T1K 3M4

Phone: (403) 329-2111

Copyright ฉ 2012 University of Lethbridge.

 

 

This particular email was effectively crafted and had appearances of authenticity from our Solutions Centre, but in the end it was a scam.

 

Because they used the no-reply@uleth.ca email address and skimmed the contact information from our webpage, we had a lot of inquiries about its authenticity.  I have included a few pointers below to keep in mind when you have questions about emails received, to help determine whether or not they are coming from ITS.

 

1.       Communications that inform you of service changes or issues will all be issued from help@uleth.ca.  We are always interested in feedback from our clients and will not direct they to respond to no-reply@uleth.ca as that address doesn’t actually deliver email.

 

2.       ITS will never, under any circumstance, ask for your username or password.  If service is needed which requires access to your account our staff will change your password, perform the service, and inform you when it’s completed so you can change your password to a known value.  We do not communicate passwords via email, or request that you ever validate your account with us through a web form.

 

3.       If you have questions about the validity of your account you can always navigate to   https://www.uleth.ca/webtools/account_tools/acctstatus which will let you know if there are any issues with your account.  If you can’t log into this site, I would advise calling the Solutions Centre.

 

Category: