Phishing Scam Makes Way to OSU Servers

According to officials of OSU (Oregon State University), a phishing scam known as the "pay or die" is managed to enter the computer servers of the university in the end week of March 2008, potentially affecting faculty and students.

"Phishing," a common way to rob computer users off their money takes place when technically skilled criminals attempt to obtain sensitive information relating to credit card or bank accounts. The technique often includes sending out e-mails that look official but threaten about something.

The pay-or-die scam, targeting OSU e-mail accounts, has been found hoax that threatens to assassinate the recipient but spare his or her life if he/she pays up.

Lt. Jeff Lanz, the Oregon State Police, says that these e-mails are dispatched with the anticipation that at least one or two persons would get frightened and so send the ransom, as reported by GazetteTimes on April 1, 2008.

Besides, members of OSU reported that they also received e-mails that directed recipients to click a link that provided 'important news of the University of Oregon', as per e-mail issued to students from the university's Information Systems. Actually, the dubious link lands the user onto a page looking similar to DuckWeb, but the Web page is totally false.

Some students, however, entered their Duck ID password on the fake Web page. Jon Miyake, the officer taking care of the acceptable use policy at the university's Information Services, said that the department is working to secure the members' accounts, as reported by Dailyemerald on April 2, 2008.

University authorities believe the tricky e-mails originated from Nigeria, the country known to host such scams and they were delivered to about 1 Million accounts. However, efforts to locate the exact place from where the scam originated produced no result.

Officials are recommending recipients that they delete the message.

In related news, the accounts of Ohio University were similarly targeted with phishing attacks on April 1, 2008. Approximately, 3,200 students got an e-mail informing them that OU was upgrading its Webmail account, so students were required to provide their user credentials otherwise they would find their account suspended.

Related article: Phishing With A Redirector Code

» SPAMfighter News - 4/10/2008