That is either the best spear-phish I’ve ever seen, or it’s legit. Is it
just me, or is doing this a bad idea? I would never send out a “change your
password now or you’ll be cut off!!!” email. We’ve spent over a decade
trying to teach users not to believe “give me your password, you dolt”
phishes, and so for an IT unit to do this “legitimately” reverses a decade
of effort for, I think, most of us here, and at other institutions worldwide.

Of the decade+ I’ve personally spent answering these “are you a
slow-learner?” emails, I’ve decided exactly zero were legit. Imagine if the
IRS even once sent out an email around tax time. The fraud would be off the
charts and it would take years to undo the damage. Many institutions have a
“we’ll never do this, so don’t believe the phishes” statement on their site.
Please reference the first sentence from the IRS link, and the sentence in
red on the page at techbase.msu.edu.

http://www.irs.gov/privacy/article/0,,id=186436,00.html
http://techbase.msu.edu/article.asp?id=4194

I’ll personally request that any U. units doing this, please, please
reconsider. Surely there is an alternative practice which will fit your
needs.

Brian Hoort
From: John Valenti [mailto:[log in to unmask]]
Sent: Monday, April 12, 2010 3:37 PM
To: [log in to unmask]
Subject: [MSUNAG] Fwd: size="+1">SUBJECT: Important: Password Expiration
Notification - uadv.msu.edu
hi NAG'ers,
I'm trying to decide if this is spearphishing, or legitimate.
It has at least two tags tending toward malware:
1) subject line is messed up with "size="+1"
2) link to SOS Group is numeric IP address (but on campus)
I'm guessing it is legitimate, but pretty confusing. What is "Spartan Way"?
A search says that it is a street name, but how can someone be in a street?
thanks for any leads
-John
PS - sorry to forward this to the group, but my people send me about five
of these per week, and I can usually decide within 30 seconds. Four out of
the last four have been scams.
Begin forwarded message:
From: ......
Date: April 12, 2010 2:10:04 PM EDT
To: "'John Valenti'" <[log in to unmask]>
Subject: FW: size="+1">SUBJECT: Important: Password Expiration Notification
- uadv.msu.edu
Hi John,
Is this a scam?
Mary
From: [log in to unmask] [mailto:[log in to unmask]]
Sent: Monday, April 12, 2010 8:00 AM
To: [log in to unmask]
Subject: size="+1">SUBJECT: Important: Password Expiration Notification
- uadv.msu.edu
Hi Mary,
Your password for account "meyerma8" expires in 0 day(s). Please change the
password as soon as possible to prevent further logon problems.
Trouble viewing this email? Click this link
If your password has expired or you want to change it are you inside or
outside Spartan Way?
++++++++++++++++++++++++++++++++++++++++++++++
Users in Spartan Way
++++++++++++++++++++++++++++++++++++++++++++++
Once you are logged in
Hold down Ctrl - Alt - Delete on the keyboard and left click 'Change
Password'
++++++++++++++++++++++++++++++++++++++++++++++
Users outside Spartan Way
++++++++++++++++++++++++++++++++++++++++++++++
Login to the UA VPN at https://gate.uadv.msu.edu
Click the 'Preferences' button
Click the 'General' Tab
Type in your old password, then type in the new password and re type the new
password.
Make sure the New Password and Confirm Password match.
Password requirements are:
Minimum 10 characters
Must contain 3 out of 4 -one CAP letter, one lower case letter, one NUMBER
and one SPECIAL CHARACTER
You will need to change your password on your mobile phone too. Check below
for instructions.
Instructions to setup first time or change password for Iphone are here
Instructions to setup first time or change password for Windows Mobile Phone
are here
Thank you!
SOS Group
----------------------------------------------------------------------------
This is an automatically generated message (uas16.uadv.msu.edu) from
University Advancement Systems Group.