University of North Carolina Under Fresh Phishing Attack

As per the news published by wral.com on April 6, 2010, a phishing e-mail scam is seeking out students, faculty and staff at the University of North Carolina (UNC) at Chapel Hill (North Carolina, USA).

These phishing mails are made to dupe users into revealing details like passwords, social security numbers and credit card details, and these mails are just another sort of identity theft.

According to reports, the phishing e-mail states that UNC online profile of the user is locked and asks the user to follow a given link and then log in with the help of his/her ONYEN (Only Name You'll Ever Need) as well as password.

But a click would take the user to a phishing site that looks like the Webmail login page of the UNC, through which hackers got the access to username and password.

Judd Knott, Information Security Manager, UNC, stated that they have started getting several spam from the e-mails of the people, and that conveyed them that their accounts have been hacked. Further, Knott said that at that point of time they contacted the victims, as per the news published by dailytarheel.com on April 7, 2010.

It is said that the Office of Information Security is working with ITS Messaging Services to put a halt to such phishing e-mails and to recognize any responses that might have been sent by mistake.

Knott cautioned students to be always careful while online because prevention from these scams is difficult as these are extremely hard to detect.

As a result, users are being asked to delete such an e-mail at once. And if unfortunately they have replied to the e-mail and have revealed their password, they should call the helpdesk for help.

Some of the simple tips to remain safe from such a scam are: Do not just click on any link. Further, use the VPN (virtual private network) service which is available without any cost to UNC-Chapel Hill faculty, staff, and students when trying to remotely use UNC-Chapel Hill systems and computers. In addition, users are asked to keep their systems updated for avoiding such phishing attacks.

Finally, users should remember always to log-off when connecting to sites including webmail websites.

Related article: University Reports Increase in Spam

» SPAMfighter News - 4/19/2010