University of Illinois’ Inmates, Latest Recipients of Phishing E-mail

According to Interim Chief Privacy and Security Officer Joe Barnes of UI (University of Illinois), an advanced phishing e-mail scam is targeting campus inmates, published dailyillini.com in news on July 7, 2014.

As phishers during the assault used a high degree of sophistication and because other prominent 10 academic institutions encountered similar phishing assaults, UI's Privacy and Information Assurance Office is convinced that the assaults were devised for garnering sufficient details for getting hold over the University's resources as well as for potentially altering the information related to direct deposit of payroll.

It seems as though 'UIUC Human Resources' is the sender of the e-mails that lead recipients onto one false edition of the UI's Login page for enterprise validation; however, asks end-users to provide their PIN too.

Barnes' mass e-mail security alert to inmates urges Web-surfers for examining their browser's address bar and solely submitting critical University info onto sites which contain uillinois.edu or illinois.edu as the URL's letters. To reiterate, whenever an online site solicits critical info that site shall start with HTTPS.

After informing individuals about the scam e-mail, the Privacy Information Assurance Office has begun to keep watch over impacted A/Cs for dubious alterations as a precautionary measure against the attack.

A few employees at the university reported getting the phishing e-mail whose caption related to salary information. If one followed its web-link he would land on one false login page whose domain-name had the suffix .ru instead of .edu like in uillinois.edu or illinois.edu. There was even direction to provide the user's personal identification number into the login section so the miscreants could utilize it for gaining admission into the person' private info on NESSIE. Users are therefore advised for refraining from viewing the e-mail alternatively following its web-links.

Meanwhile, University of Illinois isn't the sole educational institution to become target of cyber-crooks This year itself during April 2014, students of Oswego (New York, USA) situated Oswego State University were attacked with one Internet phishing scam. Pretending to be employees of Campus Technology Services, the phishers dispatched one spoofed e-mail to pupils counting an unknown figure.

» SPAMfighter News - 7/15/2014