Phishing Attacks Hit University of Houston

The University of Houston (UH) has recently been targeted by cyber criminals with phishing attacks. The attackers (phishers) have been sending e-mails to the students by representing themselves as the Houston University officials.

As per Mary Dickerson (Chief Information Security Officer), these types of attacks have been occurring on universities across the country, as reported by thedailycougar on June 9, 2010.

In fact, she has revealed that the University of Houston has seen high number of phishing attacks for the past 45 days.

One of the recently occurred phishing attacks on Houston University was reported in the last week of April 2010 in which the students received a notification (in the form of an e-mail) from the University saying that they (students) had changed their e-mail access. The University detected this change with the help of newly installed hardware and software, which was introduced to raise the University services and support user's subscriptions.

The notification further states that the students should update their login credentials by giving information on the embedded hyperlink "UPDATE." If the students fail to follow the instruction, then their accounts will be blocked.

Apart from this attack, the University students had received a phishing e-mail in early February 2010.

Dickerson commented on these phishing attacks saying that the phishers create fake website to steal the students e-mail credentials. These credentials were later on used by the phishers to access their (students) e-mail information or other accounts (like banking accounts, etc). The phishers also use the students e-mail accounts to send spam or new phishing messages, as reported by thedailycougar on June 9, 2010.

The University Information Technology Security has the issue very seriously and is cooperating with law enforcement and appropriate Internet organizations to nab the culprits.

Moreover, the University has asked its students to follow some good practices such as - avoid clicking on a web link in an e-mail, always type the URL of the website they want to access in browser directly. In addition, they should inform the concerned authorities of any suspicious e-mails so that culprits behind the phishing scams could be nabbed.

Related article: Phishing With A Redirector Code

» SPAMfighter News - 6/17/2010