Phishing E-mails Strike University of California
University of California also known as UC Davis lately was targeted on the Net when its faculty and students received a fake electronic mail in their Web-mail account captioned "Update Your UC Davis Webmail Account," reported theaggie.org dated June 6, 2012.
Aimed at Gmail accounts with ids marked as .ucdavis.edu, the hoax e-mails asked recipients for following a fake web-link for performing the so-called update.
Thus, rather than make the user's UC Davis Web-based e-mail account up to date, the web-link made him submit his username and password necessary for accessing the account, with the result, his account got hijacked.
Commenting on the attack, Robert Ono IT Security Coordinator at UC Davis states that about 70%-80% of the total electronic mails are phishing or spam mails. Although the university's IT security department blocks the majority of the messages from getting delivered, some may actually manage into the inmates' e-mail accounts, he explains. Theaggie.org reported this.
Ono adds that the few phishing/spam messages delivered get displayed into the junk folder, but then still few manage to land inside the mail inbox.
However, to remain safe from becoming victimized with the above phishing e-mail campaign, the University enumerated certain suggestions for the students through its authorized Internet site.
These are: recognizing the phishing e-mail, which may ask the recipient for giving the details of his account, particularly the password over e-mail. Such a query isn't at all lawful. Actually, a lawful e-mail sent from the IET (Information and Education Technology) won't ever request for passwords from its recipients. Besides, the phishing e-mail will often have grammatical and spelling mistakes as well as be poorly written.
IET suggests users against replying phishing e-mails, while deleting them instantly.
Meanwhile, alongside UC Davis, phishers targeted Washington State University too during mid-April 2012 when they sent phishing e-mails captioned "FW: Account maintenance." The fraudulent message calling upon the recipient's attention i.e. the Washington State University user stated that due to an ongoing account maintenance operation at the university, the user being a subscriber needed to validate his account membership failing which he'd face suspension of his account service.
Related article: Phishing With A Redirector Code
» SPAMfighter News - 12-06-2012