Harvard University Students Receive Phishing E-mails
In the second week of June 2010, students of the Faculty of Arts and Sciences (FAS) at the Harvard University were cautioned of a phishing assault.
The students received the phishing e-mails in their inboxes bearing the subject line "Your Account has been flagged and is about to be out of service". The e-mail purported to be from the Harvard University FAS "Webmailadmin@fas.harvard.edu".
The e-mail has the same text as the subject with an additional sentence that the user was required to update his account details to fix the issue. Then a hyperlink followed "CLICK TO UPDATE".
The information asked in the e-mail included the e-mail recipient's username, password and birth date.
In wake of recent phishing scams exploiting FAS e-mail addresses, FAS IT released a cautionary announcement on June 17, 2010. In the announcement, it was said that an employee of FAS IT would in no case ask for the user's account password, whether by phone or via e-mail, as doing so means violating University's security policy, reported thecrimson.com on June 17, 2010.
Unfortunately, FAS IT has witnessed an increase in the amount of reported phishing scams in the recent times, stated Noah S. Selsby, Senior Client Technology Advisor, as per the news published by thecrimson.com on June 17, 2010. Selsby also revealed some security measures that can help prevent the damage caused by these scams.
The tips included: Avoid clicking any link or open any suspicious or unsolicited attachments; and never reply to a dodgy e-mail that asks for personal information. In case there is doubt regarding an e-mail, the user can verify its authenticity by contacting the FAS IT at its help line number or mailing at firstname.lastname@example.org.
However, if anyone has already fallen for the scam, he should straightaway contact the concerned institution that owns the account from where the e-mail has originated.
To conclude, security experts said that US Universities are being increasingly attacked with phishing schemes. University of Houston and Ball State University were the others that reported phishing assaults in June 2010.
» SPAMfighter News - 26-06-2010