Kansas State University

IT News

17+ K-State eID passwords stolen in e-mail scams

The crooks are at it again — in the past week, scam e-mails have tricked at least 17 K-Staters into giving their eID password to criminals, who then log into WebMail with the stolen account information and send thousands of spam messages to the world.

This is a reminder to NEVER provide your password in an e-mail to anyone under any circumstances!

This simple rule will prevent you from becoming a victim of these scams and will help keep K-State off spam block lists, since e-mail service providers will block all e-mail from K-State when they see thousands of spam messages coming from WebMail. Furthermore, K-State IT support staff will NEVER ask for your password in an e-mail, nor will any legitimate business. If you ever get an e-mail asking for your password, personal identity information, or financial account information, you can assume it is a fraud and delete it.

The recent scam messages say they are from “EMAIL SUPPORT” or “KSU WEB EMAIL TECHNICAL SERVICE” and have subjects like “MAIL SYSTEM UPGRADE, PLEASE COMPLY,” or “EMAIL ACCOUNT MAINTENANCE” in an attempt to appear legitimate. Don’t be fooled. Learn how to recognize a scam and simply delete anything that asks for your password. You can see recent examples of these scam e-mails and find other helpful information by visiting K-State’s email scams web site.

K-State does several things to deal with these scams when a new one arrives:

  • The “reply-to” address in the scam e-mail is blocked in K-State’s e-mail system, so replies that might have a person’s eID password are rejected.
  • The service provider hosting the e-mail address that receives the replies is notified, so they can disable the malicious account.
  • The service provider where the scam e-mail originated is notified, so they can stop deliveries at the source (usually a compromised computer or e-mail account).
  • The scam e-mail is posted on K-State’s IT security threats blog with a title that starts with “Spear phishing” and the date, so people can compare e-mails they receive to known scams.
  • The campus is informed through newsletter articles; mass e-mails like the one sent to SECURITY-ALERTS on March 9; Collegian articles; and even short videos on K-State TV.
  • When we discover a stolen eID and password, we immediately reset the password so the criminals can no longer use it. Then the IT Help Desk notifies the owner of the eID to take advantage of a “training opportunity.”
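
The first step in the list above, blocking a scam's "reply-to" address so replies are rejected, sketched as an added example (not K-State's actual mail configuration). The sample messages are constructed, and every address other than the Help Desk's, along with all function names, is an assumption.

```python
from email import message_from_string
from email.utils import getaddresses

LOCAL_DOMAIN = "k-state.edu"  # a forged local From must never end up blocked

# Constructed sample messages; addresses other than the Help Desk's are placeholders.
REPORTED_SCAM = """\
From: EMAIL SUPPORT <support@example.org>
Reply-To: upgrade-team@mail.example
Subject: MAIL SYSTEM UPGRADE, PLEASE COMPLY

Reply with your eID and password.
"""
REPLY_TO_SCAM = """\
From: wildcat@k-state.edu
To: Upgrade-Team@Mail.Example
Subject: Re: MAIL SYSTEM UPGRADE, PLEASE COMPLY

(reply body)
"""
QUESTION_TO_HELPDESK = """\
From: wildcat@k-state.edu
To: helpdesk@k-state.edu
Subject: Is this e-mail legitimate?

(question body)
"""

def reply_addresses(raw):
    """Addresses a reply would go to: Reply-To if present, otherwise From."""
    msg = message_from_string(raw)
    headers = msg.get_all("Reply-To") or msg.get_all("From") or []
    found = {addr.lower() for _, addr in getaddresses(headers) if addr}
    return {a for a in found if not a.endswith("@" + LOCAL_DOMAIN)}

def build_blocklist(reported):
    """Union of reply addresses across all reported scam messages."""
    return set().union(*(reply_addresses(raw) for raw in reported))

def rejected_recipients(raw_outbound, blocklist):
    """Recipients of an outbound message that are on the blocklist.
    A mail server would check the SMTP envelope recipients instead;
    the To/Cc headers stand in for them here."""
    msg = message_from_string(raw_outbound)
    headers = msg.get_all("To", []) + msg.get_all("Cc", [])
    return sorted({a.lower() for _, a in getaddresses(headers)} & blocklist)

BLOCKLIST = build_blocklist([REPORTED_SCAM])
print(rejected_recipients(REPLY_TO_SCAM, BLOCKLIST))
print(rejected_recipients(QUESTION_TO_HELPDESK, BLOCKLIST))
```

Addresses are compared case-insensitively, so a reply typed as `Upgrade-Team@Mail.Example` is still rejected.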

If you ever doubt the legitimacy of an e-mail, ask your K-State IT support person or contact the IT Help Desk (785-532-7722, helpdesk@k-state.edu).

About Harvard Townsend (harv@ksu.edu)

Chief Information Security Officer