Phishing scams sent from University accounts

We are seeing an aggressive campaign of phishing scams being sent to University email addresses over the past few days (Mar 22 - 25, 2013).  Most of the emails look like this:

-------------------------------------------------------------------------------------------------------------
Subject: Warning Yourmailbox Is Almost Full®

You have exceeded your email limit quota of 450MB. Note that failure to upgrade this time, would result to termination of your user account You need to upgrade your email limit quota to 3GB within the next 48 hours CLICK HERE to upgrade your email account

Thank you for using our email.
Copyright©2013 Email Helpdesk Center.

-------------------------------------------------------------------------------------------------------------

 

Note that you may be receiving messages like the one above from @uleth.ca email addresses.  This happens either because the attackers have already compromised a University account through some means and are using it to mount further attacks, or because the attackers have falsified the FROM field to appear as if the message originates at the University.  In either case, please ignore and delete such messages.

 

Note that if you click the link in an email like the above, you will most likely be taken to a Google Docs page like the one below.  The University will never collect University usernames and passwords at an external site like this.  Also, there is a note right below the submit button making it clear that you should not submit passwords through that form.

 

 

If you have any questions about phishing scam emails, please contact the ITS Solutions Centre (help@uleth.ca or 403-329-2490).

 

Category: