TechTalk

Thoughts on using IT in NC Cooperative Extension

Categories

All | Useful Web Sites | Non Technical | NCSU specific | NCCE Specific | Technology | Macintosh

 Subscribe in a reader

Enter your email address to get articles emailed to you when posted:

Delivered by FeedBurner

FeedWind

Subscribe to "IT Tip of the Day" via Email:
Enter your email address:

Delivered by FeedBurner


Links




WolfBlogs
Weblog
Login

Main | Next day (Jan 31, 2008) »
20080130 Wednesday January 30, 2008

 Phishing Email

According to WikiPedia "In computing, phishing is an attempt to criminally and fraudulently acquire sensitive information, such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication."

Here is an example of a phishing email sent to an NCCE employee today.

Subject: VERIFY YOUR Ncsu EMAIL ACCOUNT NOW
Date: Wed, 30 Jan 2008 11:04:11 +0000
From: Ncsu Team <ncsuteam@bellsouth.net>
Reply-To: accountupgrades03@deleted.com
To: undisclosed-recipients:;

VERIFY YOUR Ncsu EMAIL ACCOUNT NOW

Dear Ncsu  Email Account Owner,
This message is from Ncsu   messaging center to all Ncsu
email account owners. We are currently upgrading our data base and
e-mail account center. We are deleting all unused  Ncsu  email account to
create more space for new accounts.

To prevent your account from closing you will have to update it
below so that we will know that it's a present used account.

CONFIRM YOUR EMAIL IDENTITY BELOW

Email Username : .......... .....
EMAIL Password : ................
Date of Birth : .................
Country or Territory : ..........

Warning!!! Account owner that refuses to update his or her
account within Seven days of receiving this warning will lose his or her
account permanently.

Thank you for using  Nmn  !
Warning Code:VX2G99AAJ

Thanks,
Ncsu Team
Ncsu.edu BETA

There are several items in this message that throw up red flags. First among many was the "Ncsu" not being all caps.  Most importantly, the fact they are asking for this reply via email and not giving any information such as my id.  This one was easy to recognize as a phishing expedition.  Many are MUCH better disguised and more cunning.

Just be very of anyone asking for your password without you initiating the call. 

DO NOT click on links in email messages.  Go to the web site by typing the URL in your browser and navigate from there.  It is very easy to give a link that says it is going one place, but actually takes you someplace else - for example: http://www.google.com/ will actually take you to NCSU's home page.

Just be aware that there are bad people out there who prey on the unsuspecting, uninformed and trusting individual.

"Let's be careful out there".


Posted by jdorner ( Nov 19 2008, 10:42:58 AM EST / Jan 30 2008, 08:39:00 AM EST ) Permalink Comments [0]
Trackback: http://blogs.lib.ncsu.edu/techtalk/entry/phishing_email

Log in | Log out