Carnegie Mellon University Website Home Page
 
Skip navigation and jump directly to page content
News
Security News Archives
2008
March
Security Alert - Database Upgrade Phishing Emails
Security Alert - SquirrelMail Phishing Emails
Accounts
Network, Phone & TV
Software
Email & Calendar
Secure Your Computer
Clusters & Printing
Web Services
Classroom & Event Support
Education & Outreach
Support & Repair
Information Security Office (ISO)

Security Alert: Database Upgrade Phishing Emails

Who: Everyone

What:  Database Upgrade Phishing Emails

When:  Mar 16, 2008

How:
Phishing Emails Sent to Carnegie Mellon Accounts Fraudulent emails have recently been sent to Carnegie Mellon email accounts claiming to be from "webmaster@andrew.cmu.edu" <uknalot4@yahoo.co.uk> asking people to reply with their andrew.cmu.edu E-mail account passwords.

A sample message follows:

From: "webmaster@andrew.cmu.edu" <uknalot4@yahoo.co.uk>
Date: Sun, March 16, 2008 8:59 am
Subject: ADMIN/HELP DESK: DATABASE UPGRADE.

Dear andrew.cmu.edu Account Owner,

This message is from andrew.cmu.edu messaging center
to all andrew.cmu.edu email account owners. The Office of
Information Technology is in the process of migrating
all andrew.cmu.edu email accounts to upgraded central
e-mail services.
 
We are deleting all unused andrew.cmu.edu email
accounts to create more spaces for new accounts.

To prevent your account from being closed, you will
have to provide the information below to update it
so that we will be sure that your account is still
active presently.

CONFIRM YOUR EMAIL IDENTITY BELOW:

E-mail Username : .......... .....
E-mail Password : ................
Date of Birth   : ................
Location        : ................

Warning!!! Account owner that refuses to update his or
her email account within 30days of receiving this
warning will lose his or her email account permanently.

Thank you for using andrew.cmu.edu

Warning Code:VX2G99AAJ
Case ID is 1578207.

Kind Regards,

andrew.cmu.edu Webmaster.
Please accept our apologies for the inconvenience.

      ___________________________________________________________
Rise to the challenge for Sport Relief with Yahoo! For Good 

http://XXXXXXXX

What You Need To Do:
If you suspect your computer has already been compromised, STOP! Read and follow Responding to a Compromised Computer.

If your computer is managed by a Carnegie Mellon departmental computing administrator, please consult that person before making any system changes.

Follow the detailed steps below:

  1. If you sent your password in a reply, change your password immediately and contact the Computing Services Help Center.
    1. Change to a strong password by visiting the My Accounts: Password page.
    2. Contact the Computing Services Help Center at x8-HELP(4357) or send email to advisor@andrew.cmu.edu.
  2. If you received the fraudulent email, delete it.
  3. Secure Your Computer***
    Mac instructions
    Windows Vista instructions
    Windows XP instructions

Contact:
Please direct any questions or comments to the Computing Services Help Center at x8-HELP (4357) or advisor@andrew.cmu.edu, or to your departmental administrator or DSP consultant.