VCU Phishing Net

A recent phone based “Vishing” scam was reported to us. The potential victim received a phone call from an individual claiming to be Microsoft support, the individual told the potential victim over the phone that he computer is out of date and requires patching. The individual then instructed the potential victim to execute certain commands on her computer. When the potential victim told the individual that she will need to contact her IT department, the line then went silent. This is a typical scam that allows an attacker to “social engineer” his way into the victim’s computer or network. It is always good to question the legitimacy of individuals over the phone, especially if you don’t know the individual, and he or she is asking you to perform certain tasks on your computer. Please keep in mind, Microsoft or other big technology companies will not call you and tell your computer or software is out of date, if you receive such phone calls, it is most likely scam. For more information on scams, please contact the VCU helpIT center at 828-2227 or helpIT@vcu.edu.

The following scam attempts to trick its victims into opening an attachment, which contains a malicious link used to steal the victims’ credentials. Notice the generic language, sense of urgency, and the non-VCU sender’s address; all of these are tell-tale signs of an email scam. Please keep in mind to never open unexpected attachments from unknown and known senders and always hover your mouse over a link to verify its destination. If you have received this or other scams, please feel free to delete them. For more information on email and phishing scams, please contact the VCU helpIT center at 828=2227 or helpIT@vcu.edu

______________________________________________________________

System Administrator.docx 19K   View   Download

The following scam attempts to trick its victims into clicking on a malicious link, which leads the victim to a website that attempts to steal the victim’s login credentials. Note that the sender’s email address is not a VCU email address, and there are generic language included in the email. Further, the link in the email links to a website in France. Please remember that before clicking on a link, always hover your mouse over a link to see its true destination. If you have received this or similar scams, please delete them. For more information on email and phishing scams, please contact the VCU helpIT center at 828-2227 or helpIT@vcu.edu.

_____________________________________________________________

From: Kingma, Lynette N (kingma.lynette.n@xxxxxxx.xxx.gov.au) (email redacted)
Date: Sat, Apr 20, 2013 at 1:41 PM
Subject: IT Service Notification {Validate Your Email Account}
To:

                                  ******Information Technology Unit******

Dear Subscribers,

This notice is to alert our webmail users that there has been a recent flaw in our mail server. Due to this downtime most email relays will be delayed. Some accounts will be unable to receive and send mails.

Our technical team is working to fix this problem but in other to safeguard the Account of our subscribers you are required to validate your Account to the new server, a manual update is required from you as the email owner. This update is simple as it only requires you to Validate Your Email Account.

Click to Validate Email Account (Link redacted)

Thank you for your cooperation. Please be aware that in a few days the old server will Shutdown. Any email account that has not been updated will become inactive.

Thank You,
Technical Support Team.

Important - This email and any attachments may be confidential. If received in error, please contact us and delete all copies. Before opening or using attachments check them for viruses and defects. Regardless of any loss, damage or consequence, whether caused by the negligence of the sender or not, resulting directly or indirectly from the use of any attached files our liability is limited to resupplying any affected attachments. Any representations or opinions expressed are those of the individual sender, and not necessarily those of the Department of Education and Early Childhood Development.

The following scam attempts to trick its victim into clicking on a malicious link, which will subsequently attempt to steal the victim’s login information. Note the non-VCU sender’s email address, and the non-VCU link. Please remember to hover your mouse over the link to see the link’s true destination.  If you have received this or similar scams, please discard and delete them. For more information on email and phishing scams, please contact the VCU helpIT center at 828-2227 or helpIT@vcu.edu

______________________________________________________

Now we are at the end of the tax season, please be aware of scams pretending to be IRS that promises you free money, additional returns, or scams pretending to issue an audit. These scammers have emptied victims’ bank accounts and stolen identities. Always keep in mind to look for tell-tale signs in suspicious emails, such as the sender’s address, link destination, and language used. For more information on IRS and tax related scams, please visit the IRS website at:

http://www.irs.gov/uac/Newsroom/IRS-Releases-the-Dirty-Dozen-Tax-Scams-for-2013

For questions on email and phishing scams, please contact VCU helpIT center at helpIT@vcu.edu or (804) 828 – 2227.

Below is an email scam, or phishing, message that purports to be about email quota issues with the person’s account. This is an attempt to trick the recipient to click on a link that will either take someone to a site that will download malware software to their computer or attempt to gather their personal information. This message is fake and should be deleted. Please contact the VCU helpIT Center (828-2227, helpIT@vcu.edu) with any questions.

__________________________________________________________________________________

From: ”Abbott, Gary B.”
Date: April 5, 2013, 8:43:25 AM EDT
Subject: Warning! Warning!! Warning!!!

Quota mail size 97.9%
Admin/Staff/Student/Employee
Web mail Cleanup routine/upgrade… New mails are Blocked and Filter for safe please,  
CLICK-TO-CLEAN-UP-NOW. This has become necessary to serve you better.
© Copyright 2013
The System Administrator Management Team.

Below is a email, or phishing, scam that  some in the VCU community have received that includes an MS Word attachment. This is an attempt to trick the recipient to open the document that will either take someone to a site that will download malware software to their computer or attempt to gather their personal information. This message is fake and should be deleted. Please contact the VCU helpIT Center (828-2227, helpIT@vcu.edu) with any questions.

___________________________________________________________________________________________________________

FEDEX PARCEL.doc 28K   View   Save To Drive   Download

The following scam attempts to trick its victims into opening a malicious attachment, which will subsequently infect the victim’s computer and allow the scammers to potentially use the victim’s computer in illegal ways, steal the victims’ information, and / or damage the  victim’s computer and files. Note the email was not sent from a Bank of America account. If you received this or other similar emails, please ignore and delete them. For more information about email and phishing scams, please contact the VCU helpIT center at 828-2227 or helpIT@vcu.edu.

_____________________________________________________

Transaction is completed. $8711 has been successfully transferred.
If the transaction was made by mistake please contact our customer service.
Payment receipt is attached.

*** This is an automatically generated email, please do not reply ***
Bank of America, N.A. Member FDIC. Equal Housing Lender Opens in new window
© 2013 Bank of America Corporation. All rights reserved 

Attachment Removed

The following scam attempts to trick its victims into contacting a scammer for promises of prize money. In reality, if the victim contacts the scammer, the scammer will likely attempt to further trick the victim into providing his or her personal information or money. Please keep in mind, if an offer sounds too good to be true, then it probably isn’t true. If you have received this or a similar scam, please ignore and delete it. For more information on email and phishing scams, please contact VCU helpIT center at 828-2227 or helpIT@vcu.edu.

_________________________________________________________

MasterCard_eng_e-lottery2013.docx 675K   View   Download

VCU Technology Services has received reports of some VCU community members receiving the message below purporting to be a sanctioned security evaluation.  This email, or phishing, scam is trying to convince recipients that their email account has been compromised. This message is fake and and should be deleted. Please contact the VCU helpIT Center (828-2227, helpIT@vcu.edu) with any questions.

___________________________________________________________________________

From: Virginia Commonwealth University<noreply@vcu.edu>

Subject: Account Upgrade.

Date: March 13, 2013 10:23:24 AM EDT

To: Recipients <noreply@vcu.edu>

Dear Subscribers,

As part of our ongoing corporate security evaluation procedures we have identified an online intrusion in your WebMail
account and our automated system scan shows that your account has been affected by some DGTX virus that might be very
harmful to our subscribers.

All our E-Mail users need to re-validated their account by clicking this
link http://wakeupbelgium.ipage.com/hk/use/vc/form1.html To upgrade the new anti spam and anti
virus guard to all our existing subscribers. Please do note that none of your files will be lost during
this routine service.

Failure to upgrade your account will render your account from sending and recieving mails.

Thank you,
Virginia Commonwealth University