Phishing scam targets campus
E-mails posing as official notices sent to SF State population
March 13, 2008 10:40 AM
More than 50,000 SF State students and faculty members have received fraudulent e-mails as part of a scam in which recipients are asked to respond with personal information to e-mails appearing to be from university administrators.
A mass e-mail titled “UPGRADE YOUR EMAIL ACCOUNT” was sent on March 3 to “undisclosed recipients” from “firstname.lastname@example.org.” Then on March 7, another e-mail was sent with the subject “Accounts Review,” this time from “email@example.com.” Both e-mails asked recipients for personal information, including student identification numbers, passwords, date of birth and country or territory. The March 3rd e-mail, which had a reply-to address of firstname.lastname@example.org, began:
“Dear Sfsu.edu Email Account Owner....”
Although the e-mails sent had “sfsu.edu” domains, a specific source of the messages could not be identified.
Along with a message warning students of the threat posed by the scam, a cautionary e-mail has been sent to all students by the SF State division of information technology encouraging recipients to send questionable e-mails to email@example.com.
Beyond issuing a warning, the division had no further comment on the specific source. The computer science department was briefed on the scam.
“We know they came from compromised accounts on the Yahoo European domains,” said Mig Hoffman, information security officer for SF State.
But a search of the Internet protocol number turned up an e-mail address issued by a technology company based in Nigeria. A person who answered the phone number listed with the address did not comment on the suspect e-mails.
A representative from Afrinic, the database provider for the alleged source of the e-mails, confirmed that scams originating out of public databases are common.
Hoffman said the attacks that have targeted the school have been appearing in waves, with new subject lines and messages appearing in each new set of e-mails.
“Many of the e-mails were harvested off social networking sites and public Web sites where staff, faculty or students may post or otherwise display their e-mail for personal or professional reasons,” she said. “Conservatively, we can probably say about 50,000 [SF State e-mail addresses] were or are targets based upon the information we have.”
The number of students and faculty who responded to the e-mails could not be determined, but several students on campus expressed their concern over them.
“Oh great,” said one student, a pre-nursing major, who asked not to be identified because she responded to the e-mail with personal information. “I had no idea those e-mails were part of a scam ... they just looked so real because they were addressed from SF State.”
Another pre-nursing student, Jenelt Sarette, knew from previous experience that the e-mail asking for personal information was fraudulent.
“Why would they ask for personal information like that?” she said. “I’ve received so many similar e-mails that I just assumed it was fake.”
“I initially considered responding because the e-mail looked legit,” said Jason Mitchell, an international relations major, as he brought up the e-mail in question on his iPhone.
“It’s definitely unsettling to see e-mails asking for personal information appearing in my e-mail box that I reserve for school,” he added.
The recent Internet scam that has targeted SF State is one of several that have appeared in the in-boxes of university students and employees across the nation.
Hoffman said communities with a large amount of online activity, such as universities and major corporations, are prime targets for Internet hackers wishing to obtain the personal information of others, as in the current “phishing” scam that has targeted SF State.
“Phishing” is a computer hacking technique used to obtain confidential and sensitive information through the Internet by posing as a trustworthy and recognizable source.
“It has been hitting academic centers recently very hard because of their large population using social networking tools that in turn offer perpetrators easy information so that they can target subjects en masse,” Hoffman said.
“Currently the majority of these attacks are coming from abroad,” Hoffman said. “Although it is not necessarily true that the hackers physically reside in or are necessarily from those countries.”
The Federal Trade Commission advises Internet users to never send personal or financial information through e-mail and to update anti-virus and anti-spyware software regularly.
The fraudulent e-mails come as SF State is in the process of improving its Web template and re-designing the university Web site.
A sample of the fraudulent e-mail can be viewed at http://www.sfsu.edu/%7Edoit/phishing/.
Copyright © 2008 [X]press | Journalism Department - San Francisco State University