Beware of email scams

We have seen an increase in the number of "phishing" email attacks here at ODU.

 

There are many types of phishing email scams.  Below are two examples of the main types of phishing scams we see.  While the details differ, the are all trying to fool you into giving them your account ID & password.  Don't fall for this!

First example:

From: Admin Center [mailto:tngwenyama@nust.ac.zw [Here is your first clue:  the message did not come from an @odu.edu address]

Sent: Tuesday, April 16, 2013 7:39 AM

Subject: Email Quota Alert!!!!   [Here is your second clue:  we do not have email quotas!]

--

We are pleased to inform you that Our Admin Center is closing all unused accounts because of the congestion in our mail server. To confirm your account active, you are required to complete your details below and send it to us. This information would be required to verify your account to avoid being closed.   [IT Services would never need you to confirm whether your account is active, we would know this from the logs.]

Full name:   

User Name:

Email:

Password:  [ITS will never ask you for your password]

Reconfirm Password:  [Really, ITS will never ask you for your password.  Please don't share your password or give it to anybody.]

 

 

Second Example:

From: "Bryant, Davina A." <BryantD@trocaire.edu [Here is your first clue: it did not come from an @odu.edu address]
Date: March 25, 2013, 4:12:50 PM EDT
To: undisclosed-recipients:;
Subject: 2013 Email Admin system!!!   [Usually there will be a generic subject line that looks scary]

As part of our 2013 Upgrade E-mail Security, Admin Support Helpdesk require immediate update on  your account information. This is to further boost the storage capacity of your mailbox and to enhance it's ability to receiving and sending emails.  [Another clue:  doesn't this look sketchy?  If you are not sure about something, contact the Help Desk!  Don't fall for it!]

To reactivate your account CLICK HERE<http://helpdesk.some-evil-looking-URL.com/so-don't-click-on-it [Usually there will be a sketchy looking URL here, the key is that it is not an https:// or  .odu.edu address.  If you don't see HTTPS or ODU.EDU, then be wary!]


Note that failure to comply to this directives within 24 hours by updating and upgrading you mailbox will leave the administration with no option but to suspend your account from receiving further emails.   [The opposite is true!  If you fall for this scam, IT Services will have no choice but to suspend your account until you update your password!]

Thank you for your cooperation.
© 2013 Email Admin system.   [Looks pretty generic!  It doesn't mention ODU or IT Services, so don't fall for it!]
 

 

 

So don't be fooled by phishing emails!  If you fall for it, your account will be taken over by a spam artist, and used to send out hundreds of spam emails from your account.  This could result in ODU being blocked by major email providers such as Hotmail.com, MSN.com, Yahoo.com, etc.  They could also do damage to your account that we may not be able to restore.  

 

If you receive a phishing email and would like to report it, send it to phishing@odu.edu

Posted By: Aaron Smith
Date: Thu Sep 12 08:49:03 EDT 2013