Phishers Target University of Tennessee Students
The official Website of University of Tennessee's Information Security revealed that several UT students got an e-mail from email@example.com, notifying them that their friend had mailed an electronic greeting card to them.
The UT information security officials also said that the e-mail accounts of their students had been swamped with phishing messages that persuade users into disclosing their private data. The student accounts hacked by the underground hackers' community sent e-mails that seemed to have come from the support team of UT, asking for user IDs and passwords from the university staff and students. The black hat community of hackers was in full action.
The message directed the receiver to click on an attachment named postcard.zip. Upon opening the attachment, a Trojan named postcard.exe was installed.
The user perceived the application is a corrupt file that could not be opened. However UT's Vice President for IT, Jesse Poore, alleged that the Trojan creates a bot that is linked to a "bot controller." The bot then just waits for the consumer to go online, as reported by dailybeacon on September 24, 2008.
However, to avert such potential problems, Poore recommended students be alert of "proverbial signs" of these frauds, such as grammatical and spelling mistakes. According to him, the very fact that the e-card had supposedly come from some vague "friend" made it look more dubious. Poore further alleged that hackers use familiar names to circulate the Trojan. They alter the message only slightly so that it does not seem doubtful.
Also UT's information technology office asserted that users should understand that the IT department would never ask for any private information. UT received a large number of e-mails daily, and majority of them were spam. Besides, the IT department quarantined all the attachments enclosed within them.
Meantime, phishing and fake e-mail attacks on universities was fast becoming a familiar and hi-tech feature. Recently, several San Jose University students got another type of e-mail from individuals purporting to be university representatives. The e-mail stated that due to the updation of SJSU's database and e-mail center, it would be removing inactive e-mail accounts.
Related article: Phishers Expand Their Sphere of Attacks
» SPAMfighter News - 30-09-2008