Another attempt is circulating at Stanford asking campus members to reveal their username and password. Please don't be fooled. These messages are a "phishing" scam, used to trick the unwary into giving their account credentials to an anonymous attacker who then takes over the account and uses it to launch other attacks. IT Services and other IT support organizations on campus will *never* ask you to reveal your password to them.
Below is one of the fraudulent emails we have received to date. Please be careful about this important area of our campus Information Technology Security policies, which are covered in Admin Guide policies 62, 63 and 64.
IT Services
********************* SAMPLE ************************ Subject: WEBMAIL USERS MAINTENANCE NOTICE Date: Thu, 24 Sep 2009 00:35:25 +0200 From: eMAIL MAINTENANCE < tech_supportteam01@w.cn > Reply-To: < tech_supportteam01@w.cn > To: < helpdesk@emailupdate.com > Dear Email User, The School WebMail Management Team is performing a routine Server and Database Upgrade for safer and faster Internet service, all to better your WebMail Network. On this note, all users of the School WebMail Account should provide the information below to enable us Validate and increase your Mailbox Quota. Failure to do this would result in closure of your Mailbox. Please provide all these information completely and correctly. User eMail ID: User Password: Thank you. eMail Management Team. *********************************************** Copyright ) 2009 Alumni and Student WebMail. *********************************************** ********************* SAMPLE ************************
If you have any questions or would like to send information on spam you are receiving, please submit a HelpSU request.