Phishing E-Mail Strikes on Elon Inmates

Officials at Elon University notified the Elon community on August 3, 2008 evening that a fake e-mail was being sent to them from an unknown external source to seize private details.

The officials said that the e-mail, which showed the subject as "Upgrade Your Webmail Account", resembled the messages sent regularly in every few months. The e-mail tried to obtain the recipient's full name, status in the community and account credentials such as username and password so that it becomes easy to steal the identity.

The message claimed to have come from Elon University to upgrade e-mail center and database. Also, the e-mail dispatched to all Webmail users of the university and asked recipient to confirm his account details, otherwise his account would be suspended within seven days.

The Internal Revenue Service Website stated that this manner of stealing identity details is known as 'phishing' and common type of e-mail frauds. It derived the name after sophisticated baits were increasingly used to "fish" for details off users.

By supplying outsiders with such kind of information, spam mailers are able to access OnTrack accounts and have sufficient information to commit an identity theft. Subsequently, they make fake credit cards to purchase anything under a genuine identity.

Chris Fulkerson, Assistant Vice President for Technology, said in a mass e-mail to every Elon faculty, staff and student that all genuine communications regarding the school's e-mail accounts could be delivered only through e-mail, campus mail and E-net, as reported by ELON on August 4, 2008.

Fulkerson further said that the phony e-mails are blindly dispatched to addresses with elon.edu as suffix, in the hope that someone would reply with confidential information.

Meanwhile, Elon University said that as part of precautionary measures against phishing, it distributed several alert notices in 2007 to the university's new entrants. However, every time the entrants confronted the question about whether the e-mail they received was genuine or one from phishers seeking to steal data.

Related article: Phishing With A Redirector Code

» SPAMfighter News - 8/22/2008