Washington University Hit with Phishing Scam, Alerts Students, Employees
St. Louis (Missouri, USA) situated Washington University lately informed staff and students about an attempted phishing e-mail scam that stole passwords from recipients, published universitycity.patch.com dated 3rd October 2013.
Bearing a header "URGENT ALERT," the scam e-mail addressing the recipient told that for keeping Washington University's server along with details of all employees secured vis-à-vis any type of cyber-assault ever-since the university's database was recently compromised, both the HR and IT departments jointly agreed towards making their system up-to-date via using the new Online Transaction Processing Microsoft Server. Consequently, the user needed upgrading his details and profile to the said platform immediately, for keeping both safe.
The e-mail continued that not even 2-mins would be required to make the user's profile up-to-date. And to carry out the process, he should click the web-link embedded underneath.
Disturbingly, 5 employees at WU became victimized with the fake electronic mail.
Teacher of social media and technology law at WU, Prof. Scott Granneman stated that anyone becoming victimized with any phishing campaign would least likely get back his lost money. Kmov.com reported this dated October 3, 2013.
Granneman, who was requested to describe how the current e-mail campaign was different from others, stated that in any usual phishing scam, the e-mails were dispatched to a mammoth number of people. It was similar to one shot-gun explosion that encompassed a maximum possible range hitting whoever it was possible. But, spear phishing was like any sniper rifle, precisely targeting just a handful of individuals whom one intended to.
Thus Granneman suggested not ever hitting on any web-link inside an e-mail.
He advised that one shouldn't ever dispatch personal details over electronic mail, as e-
mail was similar to postcards, which anybody could go through during transit. An e-mail wasn't encrypted. Its content could be easily seen as it passed from server to server of individuals across the Net, the professor explained.
Meanwhile, in a similar e-mail scam hitting another American University during recent months was University of Michigan. That phishing scam, during mid-August 2013, tried acquiring employees' passwords, hack into their private data as also divert their direct payments.
» SPAMfighter News - 12-10-2013