Recent phishing email scam lands in 2,000 UD inboxes

3:54 p.m., May 18, 2015--Hackers targeted about 2,000 members of the University of Delaware community by sending a phishing message to their UD email inboxes on Friday, May 15, according to UD Information Technologies (IT).

The message claimed that an individual’s email account had exceeded its “storage limit” and that the account would be deleted unless the user clicked the provided link. The phish included UD’s logo and appeared to come from a legitimate UD email address, but the link led to a malicious page that attempted to steal personal information.

FYI Stories

June 6: UDid It! Picnic

All UD faculty and staff members are invited to attend the annual UDid It! employee appreciation picnic, set from 11 a.m.-1:30 p.m., Monday, June 6, on The Green.

2FA protects you

If you are using two-factor authentication (2FA), even if a hacker has your password, your information is probably safe.

• 2FA protects you
• Police training
• Traffic alert
• Library photo ID

Personal information stolen in a phishing scam is often used for financial fraud, but sometimes it is used to steal a computing account so the hacker can use the stolen account to launch other attacks. Therefore, one person’s false move could affect others on the Internet.

In light of this attack, faculty, staff and students are reminded to keep a vigilant watch for phishing attempts in both their UD and personal email inboxes.

Phishing messages often use scare tactics that trick victims into clicking a link without thinking. Doing so can lead to a malicious website, the download of malware or the surrender of personal information. In general, if an email seems “too good to be true,” do not open it.

Because UD is a large organization, it has become the target of spear phishing attempts in which hackers use UD-specific terminology, logos, names and department names to trick users into believing they are reading legitimate email messages.

UD IT reminds the University community:

• Always verify information contained in an email message before clicking a link or downloading a file. For example, the May 15 phishing attempt made a claim about email storage that was easy to refute. UD Google Apps for Education accounts do not have storage quotas, and UD Exchange account quotas are visible from within Outlook or Outlook Web Access (OWA).
• UD will never ask for any password or any other sensitive information through email.
• Official UD email messages will not contain numerous typos or grammatical errors. If an email claiming to be an official message does not sound like it was written by a fluent English speaker, it’s probably a phishing attempt.
• Official UD email messages usually come from udel.edu email addresses. If an email claims to be from UD but does not come from a udel.edu email address, verify the content before clicking links in or taking any action upon the message.
• Official UD email messages will usually address you by name. If an email uses vague addresses like “Dear customer” or “Webmail user,” it’s probably a phishing attempt.
• Before clicking, always inspect links in an email message by hovering your mouse over the link. Does it lead to a legitimate udel.edu address?

For further information, IT encourages the UD community to review these resources:

• Phishing and spear fishing at the University of Delaware
• What phishing email messages look like
• How to avoid phishing attempts 
• Phishing examples posted to the Secure UD Threat Alert blog

Report suspicious email messages to your departmental IT staff or to the IT Support Center.

“Remember, you are a target. Information security is everyone’s responsibility. Always think before you click,” a UD IT representative said.

Article by Christopher Johnson

Graphic by Christopher Johnson, with some elements from Wikimedia Commons