Login   |   Secure Purdue > News

Advisory Phishing Email Important Notice 10/10/2013

====================================
STEAM-ADVISORY NO. 2013101001
PURDUE UNIVERSITY SECURITY STEAM-CIRT
Thursday, October 10, 2013  11:30:00 EDT


==OVERVIEW==


Phishing email spoofing "Purdue Security Team" targeting myPurdue users.


==SYSTEMS AFFECTED==


Targeted at Purdue Users


==DETAILS==


A spear-phishing email was sent to Purdue users attempting
to trick them into logging into a fraudulent myPurdue web page.

The message itself appears legitimate with a spoofed @purdue.edu
address from "Purdue Security Team".  The email informs users of a new
security feature (SSL) which will help fight against phishing and spam
mail.  It instructs users to click on the link to secure and update
their purdue mail account.

This email is a phishing attempt to obtain your personal information
and the link(s) provided SHOULD NOT be visited.  In the event that you
have already done so, it is highly advised that you change your Purdue
career account password, password challenge questions, and perform
malware scans on any computers used to access the link(s).  Also,
please note that Purdue will never ask for personal information via email.


==SOLUTIONS==


Do not visit the link(s) provided and ensure the email is deleted.  If
the link(s) were accessed, change Purdue career account password,
password challenge questions, and perform malware scans of affected
computers.

IT Security & Policy has put an outbound block on the link and reached
out to the hosting provider to remove the web page.


==FURTHER INFORMATION AND RESOURCES==


http:// w w w
.purdue.edu/securepurdue/news/2013/phishing-email-alert-important-notification-10102013.cfm

(remove spaces from links)


==STEAM-CIRT CONTACT INFORMATION==


For questions concerning this advisory, please send email to:
itap-securityhelp@purdue.edu.

Report computer-related abuse to steam-cirt:
http:// w w w .purdue.edu/securePurdue/incidentReportForm.cfm


http:// w w w .purdue.edu/securepurdue/steam


(remove spaces from links)

Posted by ITSP on October 10, 2013, in Advisory Alerts.