Security Alert: Phishing Emails Sent to Carnegie Mellon Accounts

Who: Everyone

What:  Phishing Emails Sent to Carnegie Mellon Accounts

When:  Feb 21, 2008

How:
Fraudulent emails have recently been sent to Carnegie Mellon email accounts claiming to be from the CMU SUPPORT TEAM <support@cmu.edu> asking people to reply with their CMU Webmail account passwords.


A sample message follows:

From: CMU SUPPORT TEAM <support@cmu.edu>
Date: Fri, 22 Feb 2008 05:30:05 +1100
Subject: Confirm Your E-mail Address

Dear CMU Webmail Subscriber,

To complete your CMU Webmail account, you must reply to this email
immediately and enter your password here (*********)
Failure to do this will immediately render your email address
deactivated from our database.

You can also confirm your email address by logging into your
CMU Webmail account at XXXXXX

Thank you for using CMU.EDU !

THE CMU.EDU TEAM

What You Need To Do:
If you suspect your computer has already been compromised, STOP! Read and follow Responding to a Compromised Computer.

If your computer is managed by a Carnegie Mellon departmental computing administrator, please consult that person before making any system changes.

Follow the detailed steps below:

1. If you sent your password in a reply, change your password immediately and contact the Computing Services Help Center.
   
   1. Change to a strong password by visiting the My Accounts: Password page.
   2. Contact the Computing Services Help Center at x8-HELP(4357) or send email to advisor@andrew.cmu.edu.
   
   
2. If you did not reply to the message, delete it.
   
   
   
3. Secure Your Computer***
   Mac instructions
   Windows Vista instructions
   Windows XP instructions
   
   

Contact:
Please direct any questions or comments to the Computing Services Help Center at x8-HELP (4357) or advisor@andrew.cmu.edu, or to your departmental administrator or DSP consultant.