Go to the U of M home page

Tuesday, September 20, 2016

Phishing Example 160: NOTICE: Important Immediate Action Required [Email Admin]

Received September 2016

From: IT Communications <compromised UMN account >
Date: Tue, Sep 20, 2016 at 7:10 AM
Subject: NOTICE: Important Immediate Action Required [Email Admin]
To:

University of Minnesota Driven to DiscoverOffice of Information Technology

Good Morning,

A message to terminate your email account
The process has begun by our administrator.

Please give us 2 hours to terminate your account OR.

Sign in here to cancel termination

Failure to cancel termination will result to closure of your account


Sincerely,

Donalee Attardo, Director, Academic Technology - OIT <---NOT THE SENDER

This email was sent by IT Communications <---NO IT REALLY WASN'T
2221 University Ave SE, Suite 305 Minneapolis, MN, 55455, USA

NOTE:

  • Sender is a UMN.EDU account
  • Sender IS NOT Donalee Attardo
  • URL goes to a NON-UMN.EDU address




Monday, September 19, 2016

Advisory: Fraud Advisory for Educational Institutions

Alert received September 2016
Well organized fraudsters are running a scam using social media and word-of-mouth primarily targeting international students at U.S. colleges and universities. The fraudsters offer discounts on school tuition if the victim makes a tuition payment via the fraudsters. Victims are subsequently asked to provide their credentials to the school's online tuition payment portal in order for fraudsters to make a payment on behalf of the victims. A tuition payment is made by the fraudsters and the Victim is able to verify this payment in the school's online portal. The victim then transmits funds to reimburse the fraudsters, only to find out that the tuition payment was made with stolen credit card information, which results in a chargeback of the fraudulent card payment. Fraudsters have successfully recruited unwitting students to help promote this tuition scam to their friends in the student body, adding an appearance of legitimacy. This scheme has resulted in students unable to pay tuition while left with little recourse in recovering their funds. While this scam is concentrated around a few universities at the moment, it is quickly proliferating to other educational institutions.
We urge educational institutions and their law enforcement departments to advise students of this fraud scheme and to strongly caution students to never share their  online credentials with anyone. In addition, students should only use payment methods and third parties approved by their college or university. Students should also advise their parents/guardians not to respond to any third party solicitations for payment of tuition fees at a discount.

To learn more about scams and fraud that may threaten students, please visit:

To report phishing or possible fraud, please email phishing@umn.edu

See news items about this in the Seattle Times and Forbes.

Friday, September 16, 2016

Phishing Example 159: NOTICE: Important Immediate Action Required [Email Admin]

Received: September 2016

Body Text:
[image: Xfinity Logo, Before and After]

A message to terminate your email account

The process has begun by our administrator.

Because we have detected an irregular activity.

Please give us 2 hours to terminate your account OR.

Sign in here to cancel termination <hxxp://www.musijm.xxx/umn.edu.html>

Failure to cancel termination will result to closure of your account

Thanks
University of Minnesota


The link leads to a copy of the University's new login page, the one with the notice that it will be changing. The bad URL will be hard to spot on mobile devices. Be extra careful of login screens on your mobile device.


Monday, September 12, 2016

Scam Impersonates Microsoft

 Seen: September 2016

This scam impersonates Microsoft and is not delivered by email. It is malware and may be delivered by a malicious advertisement on a web site.
  • Do not call the phone number, as compromise of your computer and credit cards will result.
  • If you see this message on your computer, immediately shut down the machine, then run a virus scanner to remove the malware.

Wednesday, September 7, 2016

Advisory: IRS Warns of Back-to-School Scams; Encourages Students, Parents, Schools to Stay Alert

IRS Warns of Back-to-School Scams; Encourages Students, Parents, Schools to Stay Alert
WASHINGTON — The Internal Revenue Service today warned taxpayers against telephone scammers targeting students and parents during the back-to-school season and demanding payments for non-existent taxes, such as the “Federal Student Tax.”
People should be on the lookout for IRS impersonators calling students and demanding that they wire money immediately to pay a fake “federal student tax.” If the person does not comply, the scammer becomes aggressive and threatens to report the student to the police to be arrested. As schools around the nation prepare to re-open, it is important for taxpayers to be particularly aware of this scheme going after students and parents.