IT Security Alerts and Advisories 

Phishing for Passwords

There have been a number of recent email-based "phishing" attempts in which recipients are requested to provide their login credentials.  While many of these campaigns look obviously suspicious, some have been very carefully crafted so as to appear to be genuine.

Please be advised that IT Services will never request users to divulge their login information via email.  If you are the recipient of such an email request, please ignore it and delete it. 

If you suspect that you may have been a victim of such a phishing attempt, you should change your password immediately.

 For more information on phishing, see the following article entitled Anatomy of a Phishing Attempt.

Fake Notifications

An ongoing trend among cybercriminals is to blend social engineering with malware.

This is accomplished via the use of fake notifications.

A good example is a spurious email message that appears to have been sent from a shipping company like FedEx or UPS claiming that an item you recently shipped cannot be delivered. You are urged to contact the company immediately, and an embedded link is provided for detailed information.

However, clicking on the link results in being directed to a malicious Website where malware is waiting to be downloaded to the unsuspecting user.

To avoid an online disaster, never click on a link embedded in an email.

If you have recently shipped something and need to check its status, go directly to the shipper’s Website to inquire.





Twitter Facebook Linkedin Flikr UFV on Google+ YouTube goUFV