VCU Technology Services
This alert is Past.
Past alerts pertain to issues that have been resolved or which are no longer relevant.
[Update For 2/27/12] VCU Target of New Phishing Attack
Update 2/27/12: Members of the VCU community are being targeted by yet another new email phishing scam message. The message received (See image below. ) indicates that the recipient has a secure message in their webmail account. Remember, VCU does not refer to our email services as webmail.
If the link in the above message is clicked, the person is taken to a site that has been mocked up to look like VCU’s Central Authentication Service (See image below) but the real purpose is to harvest the recipient’s VCU eID and password.
Looking at the web address in the address field (Red box in the image above.) shows the site is hosted at a non-VCU location. It is always smart to not click on links in emails that you are not sure of the source but if you do, always check the web address to make sure that the site is hosted at the site you expect. In this case, the expected web address should include login.vcu.edu indicating that vcu.edu is the primary domain hosting the page. Please contact the VCU helpIT Center (828-2227, helpIT@vcu.edu) with any questions or if you clicked the link in the scam email message.
_______________________________________________________________
Update for 2/20/12: The VCU community has been reporting that a new, IRS based, email scam that is hitting the campus email inboxes. The email purports to be from the “IRS Tax Notification Department” and carries a Subject line with “Urgent penalty notification”. This email is a phishing scam and should be ignored and deleted. The full text of the message is below. If you have responded to this message, please contact the VCU helpIT Center (828-2227, helpIT@vcu.edu) for assistance:
|
|
© 2012 IRS
|
_______________________________________________________________________
Update for 2/14/12: We have a new targeted attack with the Subject line of “Regarding “vcu” Dispute” that was discovered today. As with all phishing attacks, please do not respond and delete the email. Here is the text from the most recent phishing scam:
(If you are not in charge of this please transfer this email to your President or appropriate person, thanks) Dear President, We are the department of Asian Domain registration service in china, have something to confirm with you. We formally received an application on February 13, 2012. One company which self-styled “Jhew Investment Ltd” were applying to register “vcu” as Network Brand and following domain names: vcu.com.tw vcu.hk vcu.org.cn vcu.tw After our initial checking, we found the name were similar to your company’s, so we need to check with you whether your company has authorized that company to register these names. If you authorized this, we will finish the registration at once. If you did not authorize, please let us know within 7 workdays, so that we will handle this issue better. Out of the time limit we will unconditionally finish the registration for “Jhew Investment Ltd”.
Best Regards James Chen Registration Dept.
Update for 2/8/12: Phishing attacks are continuing to target the VCU community. The most recent is highlighted by VCU information Security Officer Dan Han below:
Don’t be fooled by Tax ID Scams!
With tax season ramping up, tax scams are on the rise. These emails claim to be from Intuit (specifically software@intuit.com) with a subject header that says something like “Urgent update of tax information is requested” or “Tax information required within 30 days.” It may look like this:
DO NOT RESPOND and DELETE it.
The text will say something similar to:
****************************************************************************************
Dear Account Holder,
In our continuing effort to guarantee that exact data is being sustained on our systems, as well as to provide you better quality of service; INTUIT INC. has participated in the Internal Revenue Service [IRS] Name and TIN Matching Program.
We have discovered, that your name and/or Taxpayer Identification Number, that is stated on your account does not correspond to the data on file with the Social Security Administration.
In order to check the data on your account, please click here.
Regards,
INTUIT INC.
Corporate Headquarters
2632 Marine Way
Mountain View, CA 94043
****************************************************************************************
There are a few variations on this scam, the point is that they want you to confirm your tax identification number.
Don’t.
Don’t click on any links and don’t give out your personal information. The link may contain a virus that could infect your computer or direct you to a malware site in order to steal your identity or otherwise access your financial information.
If you receive the email described above, or one like it, DO NOT RESPOND and DELETE it. If you accidentally respond, contact the VCU helpIT Center (828-2227, helpIT@vcu.edu) to notify them that your account may have been compromised.
Always delete any email that appears to be suspicious. If you are unsure of the legitimacy of an email, you can contact the VCU helpIT center (help@vcu.edu) or VCU Information Security Office (infosec@vcu.edu) for assistance
____________________________________________________________________________________
(2/2/12) Many members of the VCU community have been targeted by an email with the subject line “Validate Your Email Account!” This is another phishing attack that is asking recipients to click on a link to update their email information. Please do not reply or click on the link and delete the email immediately. If you have replied or clicked on the link, please contact the VCU helpIT Center (828-2227, helpIT@vcu.edu) for assistance.
_rdax_167x35.png){kind=small}
Last updated: Aug 29, 2011