Phishing Email Alert: "Webmail upgrade notification" - 9/11/2013

STEAM-ADVISORY NO. 2013091101
PURDUE UNIVERSITY SECURITY TEAM CIRT
Wednesday, September 11, 11:30:00 EDT 2013


==OVERVIEW==

Phishing Email Alert: "Webmail upgrade notification" - 9/11/2013

==SYSTEMS AFFECTED==

Targeted at Purdue users

==DETAILS==

There was recently a spear-phishing attempt that was sent out to
Purdue users that attempted to trick them into logging into a
fake myMail login page. The message itself appears legitimate
with a spoofed @purdue.edu address and copy of the myMail login
page.

Please be advised that the email is not legitimate and should be
deleted or ignored. If you or anyone you know has clicked on the link
and entered your account info, then you will need to change your
password, challenge questions, and run malware scans on the computer
used. At this time the link has been blocked at Purdue's border.
This block will not protect users that click the link outside of
Purdue's network.

==SOLUTIONS==

Delete the email. If credentials were entered already, change your
password and challenge questions. Also run malware scans on the
computer that was used.

==STEAM-CIRT CONTACT INFORMATION==

For questions concerning this advisory, please send email to:
itap-securityhelp@purdue.edu.

Report computer-related abuse to steam-cirt:
https://purdue.qualtrics.com/SE/?SID=SV_4Z45KwRtZD5qROl

http://w w w .purdue.edu/securepurdue/steam
<http://purdue.edu/securepurdue/steam>

(remove spaces from links)



Posted by ITSP on September 11, 2013, in Advisory Alerts.

Purdue University, 610 Purdue Mall, West Lafayette, IN 47907, (765) 494-4600

© 2016 Purdue University | An equal access/equal opportunity university | Integrity Statement | Copyright Complaints | Maintained by ITaP

Trouble with this page? Disability-related accessibility issue? Please contact ITaP at itap@purdue.edu.

PDF files can be viewed in Adobe Acrobat Reader.