SecurePurdue > News & Alerts

News & Alerts

Secure Purdue News

Securepurdue RSS Feeds
McAfee VirusScan Home Edition Version 12 Now Available McAfee VirusScan Home Edition Version 12 is now available for download on the SecurePurdue download page.
Purdue Community Warned of New Email Scam Purdue University is warning email users of a new email scam targeting Purdue University accounts. This newest scam email looks very realistic, references common Purdue terminology, and appears to come from Purdue University. Users should IMMEDIATELY delete the e-mail and DO NOT respond to the email or click on any links provided in the email.
CIS News for Security Administrators News for Security Administrators from the March 27, 2008 Center for Internet Security (CIS) Member Update.
Internet Explorer 7 and ITNS managed WSUS

As Microsoft has indicated, the Windows Internet Explorer 7 Installation and Availability update rollup will be released to WSUS installations at the next patch cycle, Feb. 12, 2008. This update, if approved, will upgrade XP/Server 2003 systems currently running IE 6 to IE 7. There has been some concern expressed that users of the ITNS supported WSUS server will be forcibly upgraded to IE 7 due to this update. 

Currently, the ITNS ...

Purdue community warned of e-mail scam (FOLLOW UP)

STEAM-CIRT would like to follow up on our original alert regarding the recent phishing scam by providing additional information regarding some of the variations of the initially reported email. Some of the variations we have witnesses or have been forwarded to us include the following:

"From: accountupgrade@purdue.edu
Date: January 21, 2008 11:51:34 PM GMT-05:00
To: undisclo10.5pt">"CUSTOMER CARE" [webmaster.purdue.edu@gmail.com]

Date: February 19, 2008 12:28:44 PM GMT-05:00

Subject: THE PURDUE WEBSITE (WebNews Email Account Update)

Return-Path: <webmaster.purdue.edu@gmail.com>

----------------------------------------------------------------------------------------------------------------------
This is a WebNews Email Account Update
Please see the bottom of this mailing on this information.

---------------------------------------------------------------------------------------------------------

THE PURDUE WEBSITE WISH TO INFORM YOU THAT WE HAVE SOME PROBLEMS
ABOUT EACH CUSTOMER ACCOUNT EMAIL. DUE TO ERROR CODE 334409. WE
DISCOVER THAT IN SOME FEW HOURS FROM NOW EACH CUSTOMER WILL NOT BE ABLE TO
ACCESS HIS OR HER EMAIL ACCOUNT SO YOU ARE REQUIRE TO SEND YOUR FULL
EMAIL ADDRESS AND PASSWORD FOR A NEW ACCOUNT UPDATE.

SO YOU HAVE TO SEND THIS INFORMATION IMMEDIATELY SO THAT WE WIL
UPDATE YOUR ACCOUNT AND YOU WILL STOP RECEIVING SPAM EMAILS YOU
ARE TO SEND US THE INFORMATION TO ENABLE US TO UPDATE YOUR
ACCOUNT AND YOU ARE TO SEND US THIS INFORMATION VIA
EMAIL:webmaster.purdue.edu@gmail.com


BELOW THE INFORMATION RQRUIRE FOR ACCOUT UPDATE

1)Full Email Address:
2)password:
3)age/country
4)date
5)First name/Last name.

©2008 Citrix online. All Rights Reserved. Under License by Purdue University"

 

"From: Purdue Admin [mailto:service@purdue.edu]

Sent: Tuesday, February 19, 2008 11:37 PM

To: undisclosed-recipients

Subject: Update Your Purdue Email

Verify and Update Your Purdue Email

Dear USM Email Owner,

This message is from Purdue messaging center to all Purdue email users.

We are currently upgrading our data base and e-mail center. We are deleting all unused Purdue emails. You are required to verify and update your email by confirming your email identity. This will prevent your emal from been closed during this exercise.In order to confirm you email indentity, you are to provide the following data'

CONFIRM YOUR EMAIL IDENTITY BELOW

First Name:...................

Last Name:...................

Email Username : ...............

Email Password : ................

Warning!!! Purdue email user that refuses to verify and subsequently update his or her email within Seven days of receiving this warning will lose his or her email permanently.

Thank you for using Purdue!

Warning Code:VX2G99AAJ

Thanks,

Purdue Admin

Copyright (c) 2008, Purdue University, all rights reserved."

 

"Subject: support@purdue.edu
Date: Wed, 20 Feb 2008 10:12:51 +0100
From: purdue.edu [info@purdue.edu]
Reply-To: deslala@jmail.co.za



Dear purdue.edu Webmail Subscriber,
To complete your purdue.edu Webmail account, you must reply to this email
immediately and enter your password here (*********)
Failure to do this will immediately render your email address
deactivated from our database.
You can also confirm your email address by logging into your
purdue.edu Webmail account at https://webmail.purdue.edu
Thank you for using purdue.edu!
THE purdue.edu TEAM
purdue.edu WEBMAIL SUPPORT
Confirm Your E-mail Address


----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program."

 

"From: Purdue IT Admin [alert@purdue.edu]

Reply-To:

Date: Tue, 26 Feb 2008 16:42:44 -0500

Subject: Alert: Email Scam - Upgrade Your Mailbox


Dear Purdue Email User,

Purdue IT Webmail has been receiving complaints from our customers for unauthorised use of the Purdue Email. As a result we are making an extra security check on all of our Customers mailbox in order to protect their information from theft and fraud.

Due to this, you are requested to follow the provided steps and confirm your email details for the safety of your Purdue Email. You are to provide the following data;

First Name:...................

Last Name:...................

Email Username : ...............

Email Password : ................

However, Failure to do so may result in temporary email suspension. Please understand that this is a security measure intended to help protect you and your mailbox. We apologize for any inconvenience.

Thanks for your co-operation.

Purdue IT Fraud Prevention Unit

Purdue University"

 

"From: THE Purdue Webmail TEAM [mailto:purduemanagement@purdue.edu]

Sent: Wednesday, February 27, 2008 8:35 PM

Subject: Comfirm Your Purdue Webmail Account

Dear Purdue Webmail Subscriber,

To complete your Purdue Webmail account, you

must reply to this email immediately and enter

your password here (*********)

Failure to do this will immediately render your

email address deactivated from our database.

You can also confirm your email address by

logging into your Purdue Webmail account at

https://webmail.purdue.edu/

Thank you for using Purdue.net !

THE Purdue Webmail TEAM"

 

"Date: Thu, 28 Feb 2008 06:39:32 +0100
From: annekebroertjes@quicknet.nl
Reply-To: fred_jacke_90@live.com
Subject: Update YOUR PURDUE EMAIL EMAIL NOW .


Update YOUR PURDUE EMAIL EMAIL NOW .
Dear Purdue. Email Owner,
This message is from Purdue messaging center to all Purdue email
Email owners. We are currently upgrading our data base and
e-mail center. We are deleting all unused Purdue email
to create more space for new one.
To prevent your account from closing you will have to update it
below so that we will know that it's a present used account.
CONFIRM YOUR EMAIL BELOW
Email Username : .......... .....
EMAIL Password : ................
Date of Birth : .................
Country or Territory : ..........
Warning!!! Email owner that refuses to update his or her
Email,within Seven days of receiving this warning will lose his or her
Email permanently.
Thanks,
Purdue Team
PURDUE.EDu BETA"

 

"From: [Helpdesk@purdue.edu]

Reply-To: [serviceupgrade@hotmail.co.uk]

Date: Tue, 11 Mar 2008 08:21:11 +0100 (MET)

Subject: * * * * MAINTENANCE NOTICE * * * *

 

* * * * MAINTENANCE NOTICE * * * *

 

Dear Purdue Account Owner,

 

 This message is from Purdue messaging center to all Purdue email account owners. On Wednesday, March 12th, 2008, from 6:00 PM until 9:00 PM, all Mailhub systems will undergo regularly scheduled maintenance. Access to your e-mail via the  Webmail client will be unavailable for some time during this maintenance window. We are currently upgrading our data base and e-mail account center - see homepage. We are deleting all Purdue email account to create more space for new accounts.

 

 To prevent your account from closing you will have to update it below so that we will know that it's a present used account.

 

***********************************************************

CONFIRM YOUR EMAIL IDENTITY BELOW

E-mail Username : ......... .....

E-mail Password : ...............

Date of Birth : ................

Country or Territory : .........

***********************************************************

 

At some point during this maintenance window, the following services will be unavailable:

 

Ability to access @purdue.edu e-mail stored on Mailhub servers.

Ability to access e-mail via Webmail (https://webmail.purdue.edu).

Purdue Electronic Directory Lookup and Edit.

(https://www.itap.purdue.edu/directory/)

Ability to log in via dial-up modem pools at 746-2244.

Email sent to mailing lists may be delayed.

Ability to read USENET newsgroups via news.purdue.edu.

 

 Please note, Exchange users will not be affected by this maintenance.

E-mail sent to @purdue.edu addresses will be received and routed normally.

 

 Warning!!! Account owner that refuses to update his or her account within

48 hours of receiving this warning will lose his or her account permanently.

 

Thank you for using Purdue!

 

Thanks,

Purdue Team"

 

 

 

New information will be added as it is discovered or reported; check back regularly.

...
Purdue community warned of e-mail scam The IT Networks & Security Incident Response group is warning the Purdue community about reports of a targeted e-mail scam.
IRS Warns of E-mail Scam The Internal Revenue Service (IRS) has issued an alert warning taxpayers of new email scams. In a new variation on traditional email scams claiming an IRS refund, the new email scam claims to come from the IRS and the Taxpayer Advocate Service (a legitimate IRS program).
Watch one student's story about illegal downloading. Watch one student's story about illegal downloading.
Don't Just Click It Don’t Just Click It! Just like you put your seat belt on before you start your car, think before clicking on a URL link in an email or IM. Do you know the person who sent it? Is the URL really taking you where you believe you are going?
Secure Purdue Newsletter-May2008 View the May2008 edition of the Secure Purdue News.
Computing New Years Resolutions The start of the new year is a good time to think about your computing resolutions and resolve to take positive steps to protect yourself and your electronic data.
Phishing scams persist, but don't take the bait Recently, people at Purdue have been receiving an increased number of a particular type of spam which appears to be sent from Purdue University or a legitimate financial institution or online business, such as PEFCU, Regions Bank, eBay, or PayPal. These emails are a type of online fraud known as "phishing."

Campus Virus Alerts

Securepurdue RSS Feeds
Advisory regarding an increase in worm and virus threats to instant messaging users ITaP Security and Privacy (ITSP) reminds campus computing users to remain vigilant about worms and virus threats spreading via instant messaging applications.

External security news

Securepurdue RSS Feeds
CSO Magazine Article on Awareness Programs CSO Magazine Article on Awareness Programs with a feature on Purdue University's Information Security outreach strategy and ITNS Training and Outreach Coordinator Cherry Delaney

Security Product Information

Securepurdue RSS Feeds
No news is available at this time.