Tag: Phishing

Spam/Phishing Alert | Be Vigilant

Please be aware of more fraudulent emails being sent to University email accounts. Phishing emails are designed to try and obtain your credentials or insert malware onto your computer.

Screenshot of latest phishing attempt given below:

Do not interact with the email if you have received it and delete from your inbox immediately.

Did you click?

  • If you have supplied your credentials or personal information, change your password immediately.
  • If the device you used when interacting with it is University-owned (i.e. a Student / Staff Desktop), please contact the IT Service Desk for advice.
  • If the device you used when interacting with it is your own (i.e. a personal device), we advise that you run an anti-malware software from a reputable source and perform a scan on your device yourself.

Educate yourself
The most common phishing attack method is by emails. These authentic-looking messages, usually called phishing scams, are designed to exploit information from the recipients; either by asking them to reply to an email message or by clicking on a link/attachment within the email.

These emails cannot corrupt your device on its own, you have to interact with it. Think:

  • When you receive an email to your University account, consider if you were expecting correspondence on that topic, from that recipient. If you weren’t, and the message is calling for you to act either by sending information, clicking on an active link, or downloading an attachment, first ask the IT Service Desk to confirm its legitimacy.
  • Never tick/check enable macros on attachments, unless you explicitly need to and trust the sender.
  • Don’t run a program if you don’t know where it has come from and you have not chosen to install it yourself
  • Do not provide your username and password, especially if you have any concern over the legitimacy of an email

Further advice can be found on the Information Security website section.

Getting help
UoD IT staff are available 09:00-22:00 Mon-Fri and 10:00-22:00 Sat-Sun. Please log a call for assistance via Help4U if you have any concerns.

Phishing Email – Alert

Please be aware of a phishing email that has come to light.

Subject: UNVERIFIED SENDER:Security Alert

This phishing email is designed to try and obtain your credentials. If you have clicked on the link in the email and entered your username and password, please change your password immediately.

Further advice is available: https://www.dundee.ac.uk/it/services/email/security/

We have reported this to Microsoft to prevent further distribution

The phishing email is designed to try and obtain your credentials. If you have clicked on the link in the email and entered your username and password, please change your passwords immediately.

Further advise is available: https://www.dundee.ac.uk/it/services/email/security/

We have reported this to Microsoft to prevent further distribution

The phishing email is designed to try and obtain your credentials. If you have clicked on the link in the email and entered your username and password, please change your passwords immediately.

Further advise is available: https://www.dundee.ac.uk/it/services/email/security/

We have reported this to Microsoft to prevent further distribution

Fake student loan emails

New or returning student? Please be cautious with your emails. Fraudsters have been targeting students across the UK with the email phishing scam pictured below:


This is not a genuine communication, as can be seen by the many errors included in the text. It is designed to trick you into giving up your personal information, which may then be used to defraud or steal your identity. Do not click on any of the links if you receive it and report it to us before deleting from your inbox.

Did you receive this and act on it?
Paul Mason, Executive Director of Repayments and Counter Fraud, said: “We will never request a student’s personal or banking details by email or text message. Anyone who receives a scam email about student finance should send it to us at phishing@slc.co.uk in addition to reporting it to Action Fraud, as this allows us to close the site down and stop students from being caught out.

More information about this phishing scam can be reached on the Action Fraud website.

 

Phishing scam: ‘Expiration Notice’

An unknown number of users have received a phishing scam message:

From: Helen Murray <userservices.supervisor@gmail.com>

Subject: Expiration Notice

The message claims that ‘your access to “My Dundee” will soon expire’. It goes on to state “You can reactivate it by logging in through the following URL” which is hyperlinked into the email.

Do NOT click on the link provided. The link is NOT to a Dundee site, but to leads to a .Dundee.ac.neze address, which is not legitimate.

Users should always change or reset passwords using proper University methods.

Best practice is to delete the email entirely. Please do not reply to the e-mail or click/copy-paste the link within it.

More information about Phishing and how to identify email scams can be found on our website.

Please contact the IT Service Desk if you have clicked on the link or pasted it into your browser’s address window, or if you need additional information or support.

Phishing scam: Attachment A2.20.23.pdf

An unknown number of users have received a phishing scam message:

From: wwwpostu@walla.com
Subject: A20
With an attachment entitled: A2.20.23.pdf

Best practice is to delete the email entirely. Please do not open or download the attachment if you have received this message to your inbox as you may be introducing a security threat to your device.

We are working to verify the legitimacy of the email. Updates will be added to this post as more information comes to light.

More information about Phishing and how to identify email scams can be found on our website.

Please contact the IT Service Desk if you have clicked on the attachment or need additional information or support.

Phishing scam: eVision password change

An unknown number of users have received a phishing scam message with the subject line “Fwd: Expiration Notice”.

The message requests that eVision users change their login details to continue to have access to the service and provides a web address to do so.

The sender is not an official University account and we are working with our engineers to block the sender to ensure it cannot issue further messages into our email system.

If you have received this message, please refrain from clicking on the link as you may be introducing a security threat to your computer.

The University would never write to students or staff in this way and if  you were ever asked to change your password you would always be pointed towards the Password Change Utility.

More information about Phishing and how to identify email scams can be found on our website.

Please contact the IT Service Desk if you have clicked on the attachment or need additional information or support.

Phishing scam alert

An unknown number of users have received a phishing scam message with the subject line “Your grant information from the University of Dundee” (click on the image below to view in full size).

spam

The sender “University of Dundee” is not an official University account and is blocked at the gateway to ensure it cannot issue further messages into our email system.

If you have received this message, please refrain from clicking on the link as you may be introducing a security threat to your computer.

More information about Phishing and how to identify email scams can be found on our website.

Please contact the IT Service Desk if you have clicked on the attachment or need additional information.

Phishing scam alert

It has come to our attention that a phishing scam message with the subject line “Important account information” has been distributed to an unknown number of UoD members.

The sender “University of Dundee” is not an official University account and is blocked at the gateway to ensure it cannot issue further messages into our email system.

If you have received this message, please refrain from clicking on the link as you may be introducing a security threat to your computer.

More information about Phishing and how to identify email scams can be found on our website.

Please contact the IT Service Desk if you have clicked on the attachment or need additional information.

Phishing scam alert

It has come to our attention that a similar phishing scam message (see below) has been distributed to an unknown number of UoD members:

phish

If you have received a similar message like the one above, please refrain from clicking on the attachment as you may be introducing a security threat to your computer.

The sender “accounts@dundee.ac.uk” is not an official University account and is blocked at the gateway to ensure it cannot issue further messages into our email system.

More information about Phishing and how to identify email scams can be found on our website.

Please contact the IT Service Desk if you have clicked on the attachment.

IT security update – be vigilant

We are always monitoring IT community message boards and mailing lists for prior warning of potentially dangerous malware attacks on our network.

We are currently aware that organisations have been targeted by malware known as CryptoLocker. Users will see a tracking notice from a shipping company such as FedEx, UPS etc. either through email or social media and as it looks from a legitimate contact, open it. They are then infected by malware which encrypts files, stops software from running and corrupts documents. If you are in doubt of the validity of an email – delete it.

Read More