Kansas State University

search

IT News

Tag: spear phishing

New type of phishing attack threatens K-State passwords

Hackers have been VERY successful at tricking K-Staters into giving away their eID password  — in 2009 more than 430 K-Staters replied to phishing e-mails, sending their eID passwords to criminals who used those to log into K-State’s e-mail and send thousands of spam e-mails. The good news is that repeated communications by K-State’s IT security team, Help Desk, and IT support staff have slowed the pace of compromised e-mail accounts. The bad news is the hackers’ techniques have evolved accordingly with new, more sophisticated scams that steal your password.

K-State’s mantra for the last two years has been “NEVER provide your password in an e-mail to anyone under any circumstances!” How did the hackers respond? On Jan. 23, they sent the following scam e-mail to numerous K-Staters. Note that it doesn’t ask you to send your password in an e-mail. Instead, it tries to trick you into clicking on a link that goes to a website where they want you to enter your eID and password.

Continue reading “New type of phishing attack threatens K-State passwords”

“Phishing and Spam IQ Quiz” helps people recognize e-mail scams

K-State has now had at least 116 people reply to spear phishing scam e-mails since January 2008 and divulge their eID password to criminals. It is imperative that people learn to recognize scams to protect themselves and the K-State information entrusted to their care.

SonicWALL has produced an excellent 10-question “Phishing and Spam IQ Quiz” to help people learn how to differentiate between scams and legitimate e-mails. The quiz displays 10 different e-mails and has you decide whether each is legitimate or a phishing scam. At the end, it compares your answers to the correct ones and provides an explanation for each e-mail message. Continue reading ““Phishing and Spam IQ Quiz” helps people recognize e-mail scams”