Phishing Assaults Targeting NCSU Members Increasing Tremendously, States Kerry Digou
Information Technology Manager Kerry Digou for Security and Compliance has said that phishing attacks are increasing against faculty, students as well as staff of NCSU (North Carolina State University) situated in North Carolina, USA, as attackers keep finding fresh methods for grabbing money by targeting accounts of the University members; reported technicianonline.com dated April 9, 2014.
Digou notes that over the past 30-60 days, educational establishments for higher studies across the country have observed an increased number of phishing attacks.
According to him, quite frequently, phishers dispatch e-mails pretending to be a North Carolina State official directing to provide Unity IDs as well as passwords. They dispatch the maximum possible e-mails so as to acquire University members' information identified as recipients of paychecks that are directly credited to their accounts.
After managing to access an account, the phishers alter the bank account details of the faculty or student targeted while get the money credited straight to the formers bank account rather than the intended one.
Digou said that when OIT (Office of Information Technology) confirmed the total number of assaults, it was found that nearly 1% of them at North Carolina State were able to mine A/C details.
The OIT, however, suggests a few easy security measures for countering the increasing phishers' assaults. These are: one, not answering the above kind of unsolicited e-mails. Two, remembering that NCSU employees won't ever request for personal information, including restricted data such as passwords over telephone, text, e-mail else other communication modes. While the university may advise for resetting a password, it won't ask for disclosing it like within the aforementioned instance.
Three, anyone believing he has answered back a phishing e-mail should inform OIT about it via sending the message at firstname.lastname@example.org. He should ensure that the e-mail headers alternatively the reply-to id is included while forwarding the message.
Meanwhile, another US University becoming a phishing target during the past 6-months was the Michigan State University during the 1st-week of April 2014. In that attack, the payroll details of employees were involved. It was found that substantiated credentials (usernames and passwords) got utilized in both incidences.
» SPAMfighter News - 21-04-2014