Carnegie Mellon University Website Home Page
 
Skip navigation and jump directly to page content
News
Security News Archives
2008
August
Fall Cyber Security Tips and Reminders
Security Alert - Fraud Emails - andrew.cmu.edu Feature Release: Upgraded Search
Security Alert - Fraud Emails - Confirm Your School WebMail Details
Accounts
Network, Phone & TV
Software
Email & Calendar
Secure Your Computer
Clusters & Printing
Web Services
Classroom & Event Support
Training & Education
Technical Support & Services
Campus Partners
Information Security Office (ISO)

Security Alert: Fraud Emails - Confirm Your School WebMail Details

Who: Everyone

What:  Fraud Emails - Confirm Your School WebMail Details

When:  August 18, 2008

How:
Phishing Emails Sent to Carnegie Mellon Accounts Fraud emails have recently been sent to Carnegie Mellon email accounts claiming to be from "School WebMail Support Team" <support008@mail2webmaster.com>.  The fraud messages ask people to reply with their Password. PLEASE ENABLE SPAM FILTERING AND DO NOT REPLY!

A sample of the fraud message follows:

From: School WebMail Support Team <support008@mail2webmaster.com>
Date: Mon, 18 Aug 2008 07:37:45 -0700
Subject: Confirm Your School WebMail Details

Dear Webmail Account User,

This message is from School WebMail Messaging Center to all our account owners.
We are currently upgrading our School data base and e-mail center.

We are deleting all unused School account to create more space for new accounts. In other not
to be suspended, you will have to update your account by providing the information listed below:

Confirm Your School WebMail Details.

Email ID:
Password:
Date of Birth:

You will be sent a new confirmation alphanumerical password so that it will only be valid during
this period and can be changed after the process.

We are very sorry for the inconveniency this may have cost you.

Thanks for your understanding.
School WebMail Administrator.

Warning!!! Account owner that refuses to update his or her account within seven days of
receiving this notice end up being suspended permanently.

What You Need To Do:
If you suspect your computer has already been compromised, STOP! Read and follow Responding to a Compromised Computer.

If your computer is managed by a Carnegie Mellon departmental computing administrator, please consult that person before making any system changes.

Follow the detailed steps below:

  1. If you sent your password in a reply, change your password immediately and contact the Computing Services Help Center.
    1. Change to a strong password by visiting the My Accounts: Password page.
    2. Contact the Computing Services Help Center at x8-HELP(4357) or send email to advisor@andrew.cmu.edu.
  2. Enable the Andrew Spam Filter to prevent receiving these fraud messages in your INBOX.
    See Enable Spam Filter Using Portal
  3. If you received the fraud email, delete it.
  4. Secure Your Computer***
    Mac instructions
    Windows Vista instructions
    Windows XP instructions

Contact:
Please direct any questions or comments to the Computing Services Help Center at x8-HELP (4357) or advisor@andrew.cmu.edu, or to your departmental administrator or DSP consultant.