Phishers Try to Seize Stanford Account Details
Fraudulent phishing e-mails were targeting Stanford University students' e-mail accounts during the second week of January 2008. The e-mails posed to be came from the e-mail administrators of the university, asking for verification of accounts, as reported by The Stanford Daily on February 20, 2008.
After students reported that they received the fraudulent e-mails, the ISO (Information Security Officer) at the university dispatched e-mail to the inmates of the university during the second last week of February 2008.
The phishing e-mail that spread university accounts addressed the recipients as "STANFORD E-mail Account Owner" and proceeded to describe that it was part of "Stanford Team's" effort to upgrade its "e-mail account center". The message used block letters and instructed students to verify their e-mail details by replying with date of birth, country of origin, username and password.
The address of the sender showed as email@example.com, however, the reply-to address ended at the googlemail.com. One more sample of the phishing e-mail showed sender address as firstname.lastname@example.org.
According to Mike Rodgers, Kimball Resident Computer Consultant, scammers aren't necessarily seeking access to Stanford e-mail accounts. They generally try to break into the bank account of a student, thinking that the student has the same username and password as that of his school account, as reported by The Stanford Daily on February 20, 2008.
To prevent the scam from spreading, the IT Services of Stanford University blocked the messages from entering inboxes and also blocked the phishers' addresses over the main servers. However, the ITS has given a warning that fraudulent e-mails addresses can change frequent and it will not sought the problem permanently.
Further, the ITS said that a genuine message from Stanford e-mail administrators never asks for information verification via e-mail.
Related article: Phishers Expand Their Sphere of Attacks
» SPAMfighter News - 27-02-2008