The following notice was just sent to the Deans, Directors, and Chairs (DDC)
Earlier today, Michigan State University was the target of a "phishing"
attack. (Phishing is when fraudulent e-mail is sent in an attempt to collect
personal information.) In this instance a number of students, faculty, and
staff received e-mail that was designed to look like it was sent from MSU's
e-mail team. The e-mail claimed that the "MSU team" was upgrading a
"database and e-mail account center" and asked recipients to "confirm your
THE ACNS E-MAIL TEAM AT MSU WILL NEVER SEND E-MAIL REQUESTING PERSONAL
INFORMATION. People should be suspicious any time they are asked by e-mail
for personal information, especially if they did not initiate the contact.
Note that this attack is not an indication of a data compromise; the e-mail
addresses used were likely gathered from publicly available places such as
the faculty/staff and student directories. And, although we cannot prevent
being targeted by phishers, we are taking this opportunity to make the MSU
community aware of the dangers inherent in phishing attacks.
If you responded to this phishing attack, please contact the ACNS Help Desk
immediately at (517) 432-6200 or send an e-mail to [log in to unmask] To learn
more about phishing, please see http://techbase.msu.edu/article.asp?id=4194
Please pass this information on to others in your unit. Thanks.
Tom Davis, Director
Academic Computing and Network Services