Phishing Email

Security Alert: Verify Your Andrew.cmu.edu Email Account Phishing Emails

Who: Everyone

What: Verify Your Andrew.cmu.edu Email Account Phishing Emails

When: Apr 3, 2008

How: Phishing Emails Sent to Carnegie Mellon Accounts Fraudulent emails have recently been sent to Carnegie Mellon email accounts claiming to be from ADMIN HELPDESK asking people to reply with their EMAIL Password.

A sample message follows:

Date: Thu, 03 Apr 2008 22:02:54 +0200
From: ADMIN HELPDESK Reply-to: adminhelpdesk7@gmail.com
To: undisclosed-recipients:;
Subject: VERIFY YOUR ANDREW.CMU.EDU EMAIL ACCOUNT NOW.

Dear Andrew.Cmu.Edu Email Account Owner,

This message is from andrew.cmu.edu messaging center to all andrew.cmu.edu email account owners. We are currently upgrading our data base and e-mail account center. We are deleting all unused andrew.cmu.edu email accounts to create more space for new accounts.

To prevent your account from being closed, you will have to update it below so that we will know that it's a present used account.

CONFIRM YOUR EMAIL IDENTITY BELOW

Email Username : .......... ..... EMAIL Password : ................ Date of Birth : ................. Country or Territory : ..........

Warning!!! Account owner that refuses to update his or her account within Seven days of receiving this warning will lose his or her account permanently.

Thank you for using andrew.cmu.edu Warning Code:VX2G99AAJ

andrew.cmu.edu Team

www.andrew.cmu.edu

---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program.

What You Need To Do: If you suspect your computer has already been compromised, STOP! Read and follow Responding to a Compromised Computer.

If your computer is managed by a Carnegie Mellon departmental computing administrator, please consult that person before making any system changes.

Follow the detailed steps below:

1. If you sent your password in a reply, change your password immediately and contact the Computing Services Help Center. 1. Change to a strong password by visiting the My Accounts: Password page. 2. Contact the Computing Services Help Center at x8-HELP(4357) or send email to advisor@andrew.cmu.edu. 2. If you received the fraudulent email, delete it. 3. Secure Your Computer*** Mac instructions Windows Vista instructions Windows XP instructions

Contact: Please direct any questions or comments to the Computing Services Help Center at x8-HELP (4357) or advisor@andrew.cmu.edu, or to your departmental administrator or DSP consultant.