Wednesday, March 26, 2008

Fraudulent Requests for Passwords

I received the following "update" from the University.
I do not use the university Email because I have been targeted by too many spams there.
How can I be targeted while others do not receive that much spam in the inbox. Specially, I have not exposed my University email.

Let there be rats!

I have a blog which contains spams I have been receiving recently.
************
The University continues to be the target of phishing attacks. These attacks have grown more sophisticated in their attempts to trick members into revealing their account information (NetID and Password). Below you will find some sample phish messages reported by UAlbany recipients and other institutions. A popular theme is the notice of a security breach that requires account confirmation.

This is a reminder that the University will NEVER ask you to reveal your account password.

To (poorly) paraphrase Dr. Seuss:

We will not ask you in an email.
We will not ask you on the phone.
We will not ask you in person.
We will not ask you for your password, period.


Phish Sample #1
------------------------
From: Help Desk Center [mailto: support @ upgradecom]
Sent: Monday, March 24, 2008 2:57 PM
To: xxxxxxx@albanyedu
Subject: Please Verify Your Email Account

We are currently carrying out an upgrade on our system due to the fact that It had come to our Notice that one or more of our subcriber are introducing a strong virus into our system and it is affecting our
network.We are trying to find out the specific person. For this reason all subcribers are to provide their USER NAME AND PASSWORD for us to varify and have them cleared against this virus. Thosethat refuses,
their Email Account will be terminated in the next 48 hours.
Information to send;
USER NAME:
PASSWORD:
Hoping to serve you better.
Costomer Care Center

Phish Sample #2
-------------------------
From: "Bounced mail" ca>
Date: Mon, 24 Mar 2008 20:05:48 -0400
Subject: RETURNED MAIL: DATA FORMAT ERROR

Dear user xxxxxxxxxxxxx@xxuca,

Your account has been used to send a large amount of unsolicited email messages during the recent week.
Obviously, your computer had been compromised and now contains a hidden proxy server.
We recommend you to follow instructions in the attachment in order to keep your computer safe.

Best regards,
The xxu.ca team.

[-- Attachment #2: mail.zip --]

1 comment:

  1. Oh ! spam has becom a problem everywhere....Anyway,use gmail from google to your university account.Yeah,may be it makes you unclear but once go to goole app. and get some information abt it first.And then,you can try gmail for your university account.hope there will be less spam....

    ReplyDelete

Thanks for the comment.
Please stay on topics; off-topic/advertisement comments will be removed.

You may also like to visit : My Frame of Reference
(Press shift while clicking: Opens in New window.)