Wednesday, January 9, 2013

Be Aware of SPAM and Phishing emails

Please be very observant and diligent with regards to reading and acting on emails. In early January 2013, the following email may have gotten through to some of the SMU Community.
This is the actual text of the email, DO NOT click the link:



"Subject: Dear Account User

To:

Congratulation You can now log in to Saint Mary's University of
Minnesota news forum and get the latest information and news/update.
Please use the database link:
http://www.empin.org/phpFormGen/forms/form1.html you are required to
log in for automatic update of your account to log in for more
information about this service.

Sign, ©smumn.edu
All rights reserved."

This is the from information:
From: Email Account User <eosigney@ucdavis.edu>
Date: Sun, Jan 6, 2013 at 4:46 PM

Again as we have pointed out numerous times in the past these types of email NEVER come from SMU iT staff or the HelpDesk. We are very cognizant of how we word email and how it is addressed and signed. Note important key observations to indicate phishing emails:
1) the to: field is generic or blank
2) the subject field is generically addressed to "dear account user" iT would not have this be a subject, EVER
3) the from is not an SMU email address and if you reply it would be telling it is not an smu email
4) it is generically signed at the bottom or not signed at all
5) we would not give you a link to login with we would ask you to login to a specific system on your own.
6) Spelling and grammar may or may not be good. granted people typo but SMU IT tries very hard to have accurate and correct spelling, grammar, and content in messages that go out to our customers.

These are dangerous emails to respond to as your are giving third parties access to your username and password. We have observed in the past these being taken advantage of within an one or two of being supplied the information by a user.

No comments: