Home‎ > ‎Announcements‎ > ‎

Phishing attempts

posted Sep 24, 2013, 7:10 AM by Benjamin Nickell   [ updated Dec 19, 2013, 12:00 PM ]
We have received reports that many users are receiving increased numbers of phishing emails.  (sample below)
There emails are fake and are trying to gain access to your account information.  

Please delete these emails or report them by following the directions here:  
 
Please report this phishing scam by doing the following:
 
 
1) Log into the ISU Google Apps web interface, by either clicking on the "Gmail" link at the top of BengalWeb or clicking on the following link http://webmail.isu.edu
2) Open the suspected phishing message.
3) Click on the blue down arrow (next to the 'Reply' button) and select 'Report phishing'.
 
 
Report Phishing Visual
 
Reminders about email security:
1. The ISU IT Service Desk will never request your password by email.
2. Do not respond to any suspicious email.  Instead, call the IT Service Desk to help you determine the authenticity of the message.
3. Never send banking information or personal information such as your password, birthdates, social security numbers, etc to anyone via email.
4. If you have responded to the phishing email, please log into BengalWeb, go to the "How Do I" tab and under the IT Service Desk channel click on the "change your password" link or call the IT Service Desk at 282-4357.
 
For more information about what a phishing attack is and how to avoid potential security risks, please review the following website: http://www2.isu.edu/security/?page_id=28
 
If you have any questions please reply to this email or contact the IT Service Desk at (208) 282-HELP (4357).

*BEGIN SAMPLE PHISHING EMAIL*

Dear User,

The following alert has been posted to your webmail account regarding an unauthorised access to your account:

*Idaho State University Alert*

Your account has been compromised and used to send unsolicited commercial email (spam).

We implore you to follow our secure https://www.isu.edu to confirm your details to avoid account suspended from our system.

Thank you .

Idaho State University Technical Service


Here is another sample phishing email

Note: Please Submit Your Account Information to this email only
 to (accsectiondepartments@live.com)

 Dear Idaho State University webmail account user,


 We are closing all unused email account from our date base to
 create new space for new users.

 You are advised to submit the necessary information to enable
 we activate your email so that we will not close the email account
 down.




 Submit Your Account Information's below:
 Login Link :.......................
 Email Address: ....................
 User name :...........................
 Password :............................
 Confirm Password :....................
 Date of birth : ......................
 Country or territory: ...............

 WARNING! E-mail owners who refuse to submit their E-mail
 Account details, we will short down your email Account
 within seven days from the date of notice of this email.
 FAILURE TO COMPLY MIGHT LEAD TO THE CLOSURE OF YOUR
 WEBMAIL ACCOUNT PERMANENTLY.

 Please Submit Your Account Information to this email only
 to (accsectiondepartments@live.com)   or


 WARNING CODE: GX035901EA.

 Thank you,

 Idaho State University Account Team.


 Note: Please Submit Your Account Information to this email only
 to (accsectiondepartments@live.com)
Comments