Message from Monty Wilson regarding the latest phishing email:
Disregard the “Account Alert” that was sent Monday afternoon at 6:56PM . Just reading this “ message” you will be able to see some errors that can help you determine if email smells like a dead fish, it has a very high probability of being a dead fish and should be deleted. If anyone is interested in looking some of the problems this phishing attempt has and what are some of the red flags in the email that say this is a phishing attempt please see the embedded comments in -red below.
From: UTC Online [mailto:firstname.lastname@example.org] - “UTC online at UTC refers to the Blackboard Leaning management system and has nothing to do with the operation of the UTC email systems and would be very unlikely to send out information on the UTC email system.”
Sent: Monday, July 05, 2010 6:56 PM
Subject: Webmail Alert -” UTC does not use term webmail UTC email is currently referred to as Netmail accessed through MyMocsNet or Exchange”
This message is from University of Tennessee Information Technology Help Desk to all Faculty, Staff and Students using utc Webmail accounts. -”Note that this allegedly came from the University of Tennessee IT Help Desk. Since the Phishing attempt is refering to UTC web mail they are not only confused of difference between UTC and UTK they are also confused on the title of the Help Desk at Knoxville. UTK refers to the OIT Help Desk not the Information Technology Help Desk.”
We noticed that the utc Webmail accounts has been compromised by - “Normally all internal references to UTC uses upper case”
spammers. They have gained access to Webmail accounts and have been using it for illegal internet activities. – “To be correct the “We” that sent this email are the spammers who are planning to use this information for illegal internet activities”
IT Help Desk is currently performing maintenance and upgrading it’s database. We intend upgrading our Email Security Server for better online services. - “All maintenance and upgrading of UTC Netmail or Exchange email is done by the Systems and Security Department located in Hunter Hall, not the Help Desk located in the Administrative Services building.”
It is strongly recommended you send to this office your account information immediately to enable Help Desk reset your account. You will be sent a new confirmation alphanumerical password. - “UTC ITD specifically says on the ITD web site that ITD does not request anyone to send user name or password to any email request. See this link for more info on Phishing http://itd.utc.edu/security/phishyemail.php”
Please provide the following information- “Neither UTC or any legitimate organization sends out a request to provide this type info because any legitimate email system already has the information otherwise you could not access your email.”
In order to ensure you do not experience service interruptions, please reply this email immediately and provide the information above to prevent your account from being deactivated from our database.
Thank you for using our online services.
Webmail Adminstrator. - ” Apparently the “Adminstrator” does not use spell check, besides since UTC does not use term web mail therefore there is no Webmail administrator however it is spelled.”
University of Tennessee at Chattanooga Copyright © 2010. - “What other info have you ever received from UTC ITD with a copyright symbol? Never as far as I can recall.”
-End of embedded comments
Please continue to be alert to Phishing attempts, the above comments are just some of the problems with this attempt. The best defense for these attacks is to use your DELETE key on the phishing attempt and go on with the activities of the University.
Chief Information Officer
Assistant Vice Chancellor for Information Technology
University of Tennessee at Chattanooga
615 McCallie Ave 4054
Chattanooga TN 37403