STEAM-ADVISORY NO. 2013091101
PURDUE UNIVERSITY SECURITY TEAM CIRT
Wednesday, September 11, 11:30:00 EDT 2013
Phishing Email Alert: "Webmail upgrade notification" - 9/11/2013
Targeted at Purdue users
There was recently a spear-phishing attempt that was sent out to
Purdue users that attempted to trick them into logging into a
fake myMail login page. The message itself appears legitimate
with a spoofed @purdue.edu address and copy of the myMail login
Please be advised that the email is not legitimate and should be
deleted or ignored. If you or anyone you know has clicked on the link
and entered your account info, then you will need to change your
password, challenge questions, and run malware scans on the computer
used. At this time the link has been blocked at Purdue's border.
This block will not protect users that click the link outside of
Delete the email. If credentials were entered already, change your
password and challenge questions. Also run malware scans on the
computer that was used.
==STEAM-CIRT CONTACT INFORMATION==
For questions concerning this advisory, please send email to:
Report computer-related abuse to steam-cirt:
http://w w w .purdue.edu/securepurdue/steam
(remove spaces from links)
Posted by ITSP on September 11, 2013, in Advisory Alerts.