Phishing Scam Target Students at UW-L

A malicious, phishing campaign has recently hit students at UW-L (University of Wisconsin La Crosse) (Wisconsin, USA).

John Tillman, Chief Information Officer of UW-L, states that these e-mails normally appear as if they have been sent from some reliable entity like a university, hospital or bank, as reported by Racquet on October 22, 2009.

Typically, phishing e-mails ask for the recipient's private information citing some reason or another. For instance - they might request students to provide their password and login details so that their systems could be updated. Subsequently, when the user clicks on a related web-link in reply to the message, he loses of all his account's control to the phisher.

The phisher utilizes that account for gathering additional details of students and to dispatch mass spam mails.

According to Tillman, allowing some person to assemble the student's identity by answering such e-mails could lead to blacklisting of UW-L.

Matt Rink, E-mail Administrator of UW-L, states that this could lead to marking the school as an entity engaged in offensive spamming, as reported by Racquet on October 22, 2009.

The student's computer could be taken control of illegally and malware such as viruses, spyware and keystroke loggers loaded on his system.

Considering that these scam messages are rather scary, Rink advises students to apply their best common sense when they receive questionable e-mails.

Moreover, security specialists suggest e-mail users to raise their knowledge about identifiable signs of different kinds of phishing or spoofed e-mails. Users should not divulge any of their sensitive or other personal information over e-mail since this mode of communication isn't very secure for people using the Net.

In fact, Rink has stressed that UW-L follows the policy of never requesting the students to supply their passwords or ID details through e-mails, therefore students must completely ignore e-mails that made such requests.

However, phishing e-mails targeting universities in the US are continuously growing. In previous month (October 2009), attacks involving phishing e-mails were reported hitting Saginaw Valley State University and California Institution (Fresno State, US).

Related article: Phishing With A Redirector Code

» SPAMfighter News - 11/5/2009