ITaP Networks and Security warns the Purdue community to be wary of targeted phishing scams at the beginning of the school year. The e-mails appear to come from Purdue University and its various administrative departments (such as the "Purdue Webmail Team," "Purdue Management Team," or "Purdue Support Team") and units. Many of these e-mails direct users to navigate to a specific URL and then enter personally identifiable information such as their Purdue University user name and passwords.
Greg Hedrick, director of security services, warns Purdue e-mail users to be vigilant, especially at the beginning of the school year. "We often see an increase in these targeted phishing e-mails at the beginning of school terms. This is when users are sending and receiving a lot of e-mail and conducting school-related business. It is easy to mistake a phishing e-mail for a legitimate e-mail at this time," Hedrick said.
A current e-mail scam circulating the first week of Fall 2011 classes claims that it has detected irregular action within a person's e-mail system and asks the "Primary owner" to verify their account activity in order to continue using the account without restrictions. Users are then asked to click on a link that takes them to a malicious website.
Other variants of these targeted phishing e-mails ask users to reply to the e-mail to verify their account activity, or to confirm their e-mail address, computing login information, and password. Many of these e-mails use Purdue University terminology, pictures or graphics, and appear highly authentic. Some of these e-mails have been found to contain various attachments such as HTML files, Word documents, PDF files or picture files. ITaP Networks and Security highly advises users not to open these attachments.
In most variations, the e-mails state that if the user does not respond or take some required action, their e-mail account will be deactivated from the database.
Purdue University campus computing users are reminded that IT units at Purdue will never ask users to divulge their passwords to University IT resources.
ITaP Networks and Security recommends that users not reply to the e-mail, take the action it requests, or open its attachments, and instead delete the e-mail immediately. These are targeted e-mail phishing scams that attempt to fraudulently acquire sensitive information by masquerading as an authoritative Purdue department or unit.
ITaP Networks and Security further recommends that if you have already responded to the e-mail, you immediately reset your password. Users can go to the password reset page located at www.purdue.edu/securepurdue and click on the "Change Your Password" link.
Posted by Joanna Grama on August 23, 2011, in Secure Purdue News.