Phishing

Targeted Phishing Campaign

This morning approximately 1250 University email addresses were targeted with a convincing phishing message that directed users to put the username and password into a website that did not belong to the University.  The phishing email was well written with University branding, but there were some red flags that should have alerted users:

1.  The from address is binghamton.edu

2.  The email is asking users to confirm their accounts.  IT Services will never ask you to do this.

The phishing email looked like this...

 

It's Tax Scam Time Again.

Every year, we see attempts from cyber criminals to steal your personal information through sending false correspondence in the name of the Canadian Revenue Agency (CRA).  A sample scam was recently sent to me from a University client and we wanted to make sure you weren’t fooled by what appears to be a legitimate communication.

The email contents looks like this:

Phishing attack - Message appears to come from Uleth.ca

On Nov 19, 2012 the University was attacked by multiple sources with a convincing phishing email.  There were hundreds of recipients who received the text below:

 

From: Admin-Uleth.Ca [mailto:noreply@uleth.ca]

Sent: Monday, November 19, 2012 2:02 PM

Subject: Uleth.Ca

 

Dear Email User!

Your mailbox has exceeded the set quota limit. You may not be able to send or receive new mails effect from on the 23rd of November 2012, until you upgrade/increase your quota limit.

Emergency Notification Email Update Alert

Dear:WebMail Subscriber, We hereby announce to you that your email account has exceeded its storage
limit. You will be unable to send and receive E-mails and your email
account will be deleted from our server. To avoid this problem, you are advised to verify
your email account by clicking on the Admin help desk link below for update of your email,

=====> Clink the link below.

NOTE:If unable to clink the link you are advice to copy the link and paste it in a new browser,Due to much junk/spam emails you receive daily, we are currently

BMO Financial Group

Account Status Verification Alert

Dear Valued Customer,

A recent security update as being issued from BMO Bank of Montreal fraud department. We require you to update your online accounts due to a recent security patch upgrade to our servers.

You are requested to verify your account details correctly with us.

Verify and Update your identity
Failure to confirm and verify your BMO Online Account Information's
might lead to your account permanently suspended.

TD Canada Trust

 Dear Customer,

We recently reviewed your account, and suspect that your TD Canada Trust Online Banking account might have been accessed by an unauthorized third party.

Protecting the security of your account is our primary concern, therefore as a preventive measure, we have temporarily limited access to sensitive account features.

To restore your account access, we need you to confirm your identity.

Please follow the link below to proceed to confirming your account information:

RBC Royal Bank

Dear Customer,

We recently reviewed your account, and suspect that your RBC Royal Bank account
might have been accessed by an unauthorized third party.

Protecting the security of your account is our primary concern,
therefore as a preventive measure, we have temporarily limited
access to sensitive account features.

To restore your account access, we need you to confirm your identity.

Please follow the link below to proceed to confirming your account information:

Subscribe to RSS - Phishing