Fraudulent e-mails hit SF State—again
April 3, 2008 1:05 PM
SF State officials have confirmed that another round of scam e-mails have been circulating through the inboxes of SF State students and employees in recent weeks.
The most recent round of attacks occurred over spring break, said Mig Hoffman, SF State’s information security officer.
During the first round of phishing scams in early March, approximately 50,000 students, alumni and faculty were targeted by anonymous scammers hoping to obtain personal information such as passwords and usernames. Hoffman said a similar number of people at SF State were targeted during the latest round of scam e-mails.
“There was another round of phishing activity [that] started intensely about 11:00 a.m. [on March 28],” Hoffman said.
Hoffman declined to answer questions sent to her in an e-mail asking how many students may have responded to the fraudulent e-mails, or how many recipients reported them to firstname.lastname@example.org.
Hoffman also did not confirm if the e-mails were part of an isolated attempt to target SF State addresses, or if the current round of scam e-mails is a small part of a larger scam targeting other universities in California State University system.
In light of recent scam attempts targeting students, the current software most widely used by the California State University system to prevent phishing attacks is being replaced, although the new upgraded software has yet to be installed on campus computing systems, added Hoffman.
“We are working with [software] to catch and stop the [phishing] activity, but the hardware is still being tested and so hasn’t yet been approved,” she said.
Although Hoffman did not confirm if the two rounds of scam e-mails were related or originated from the same source, the Internet protocol number from the most recent e-mails is associated with similar fraud e-mails scams, according to Internet fraud watch Web sites.
Several versions of the messages were sent, but the most recent mass e-mails that were sent last Friday claim to be from the “The Sfsu Webmail TEAM” and state that respondents must reply with e-mail addresses and passwords, otherwise their account will be deleted. The message stated: “We are currently upgrading our data base [sic] and e-mail account center…We are deleting all Sfsu e-mail account [sic] to create more space for new accounts.”
Students are encouraged to send all suspicious emails to email@example.com and are encouraged to never reply to SF State e-mails with personal information. For more information visit the Division of Technology Information Web site.
POST A COMMENT
|BACK TO TOP|| |
Copyright © 2008 [X]press | Journalism Department - San Francisco State University