Information Technology Unit

Phishing

In today's computing environment, email 'phishing' attacks are always a concern.  Phishing is an attempt by hackers to gain private information under the pretense of being an authority needing access to such information.  It is accomplished through social engineering, and often occurs through email.  
 
To protect your confidential information from exposure, please briefly review the information below.
 
We have included an example of email circulating over the past day or so at the end of this note.
 
Identifying Behaviors in Email Phishing
 
· Unsolicited, unexpected requests for information from an unknown source should almost always be considered suspect until the source can be independently verified. 
· Requests that require you to take 'Immediate action' or threaten adverse action such as 'account suspension' are highly suspect. 
· Fraudulent emails often solicit information from you directly or request something you have that the 'phisher' wants.  This is often an unexpected request for information, money, or even requests for assistance that are intended to mislead the recipient into responding.  
· Logos, UIC branding, colors, or terms such as "UIC Support" or even specific web addresses are inserted to make it appear as though the request is legitimate. 
· Spelling errors not generally found in professional communication are more common in phishing attempts. 
· Carefully review links contained in emails for variations in spelling from the known source.  For example, in some cases, a link may direct you to webmail.ui.com instead of webmail.uic.edu.  Also, the displayed text may not match the address (the 'hypertext' reference) that the link actually points to.  'Mousing over' the link without clicking on it will often reveal the destination somewhere within your email or web browser window (e.g. as text-over, or in the lower right corner, etc.).  
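
The link review described in the last item can also be done mechanically on the HTML body of a message. The following Python is an added example, not part of the original notice or any UIC tool; it assumes uic.edu is the only trusted domain, and the names LinkCollector, host_of, is_trusted, review_links and the sample HTML are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit
TRUSTED = "uic.edu"  # assumption: the organisation's real domain, taken from the page
# Constructed sample body: lookalike host, genuine link, trusted name used as a prefix.
SAMPLE = ('<a href="http://webmail.ui.com/login">webmail.uic.edu</a> '
          '<a href="https://webmail.uic.edu/">Webmail</a> '
          '<a href="http://webmail.uic.edu.example.net/">click here</a>')

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for each <a> element of an HTML email body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(value):
    """Lowercase hostname of a URL or bare hostname; None for ordinary text."""
    value = value.strip()
    try:
        host = urlsplit(value if "://" in value else "//" + value).hostname or ""
    except ValueError:  # malformed bracketed host in the message
        return None
    return host if re.fullmatch(r"[a-z0-9-]+(\.[a-z0-9-]+)+", host) else None

def is_trusted(host):
    # Exact domain or a real subdomain only; webmail.uic.edu.example.net fails.
    return host == TRUSTED or host.endswith("." + TRUSTED)

def review_links(html):
    """Return (href, text, outside_trusted_domain, text_mismatch) per suspect link."""
    parser = LinkCollector()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        target, shown = host_of(href), host_of(text)
        outside = target is None or not is_trusted(target)
        mismatch = bool(shown and target and shown != target)
        if outside or mismatch:
            findings.append((href, text, outside, mismatch))
    return findings
```

Calling review_links(SAMPLE) reports the first and third links and leaves the genuine webmail.uic.edu link alone.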
 
Preventative Actions 
 
· Do not send your password to anyone via email.  The COP IT Unit and ACCC will not request your password via email.  
· Do not reply to messages, particularly unsolicited ones, from an unfamiliar source.  
· If you should receive an email message that you believe is from a legitimate source, find an alternative contact to verify that source.  Do not use contact information found in the originating email.  For emails purportedly regarding Pharmacy or ACCC services, please feel free to contact the IT Unit at pharmhelp@uic.edu or 312-996-8736 for assistance.  
 
Example Recent Phishing Attempt:
 
Email Phishing
 
We have upgraded our server to new secured version. This is to enable your webmail account take a new look with new functions and help protect against spam e-mails. You are require to upgrade your account to new secure version by clicking here or on  the secure link below  

https:/secure.uic.edu 
Copyright © 2011 University of Illinois at Chicago - UIC

Email Phishing Example #2

-----Original Message-----
From: System Administrator [mailto:webalertnow111@gmail.com]
Sent: Tuesday, July 05, 2011 3:34 PM
To: undisclosed-recipients:
Subject: DEAR UIC.EDU USER

--
DEAR UIC.EDU USER

Your email account has been confirmed to have been infected with a strong Internet virus and the way your account is used to send numerous Spam mails recently from a foreign IP. As a result, the uic.edu support team has come to an understanding that one or more of our subscribers are Introducing a very strong virus into our system and it is affecting our network. We are trying to find out the specific person,

For this reason all subscribers are to provide their received advice to suspend your account. However, you might not be the one promoting this Spam or strong virus,as your email account might have been compromised. To protect your account from sending Spam mails and also the virus,you are to confirm your true ownership of this account by providing your original user ID (*******) and Password (*******) as a reply to this message. On receipt of the requested information, the "uic.edu" web email technology team shall block your account from Spam and virus. Failure to do this will violate the uic.edu email terms & conditions.This will render your account inactive.

NOTE: You will be sent a password reset message in 6 hours after undergoing this process for security reasons. Be informed that this is a recent virus and its strong and also slow down uic.edu Network.
Thanks for using Technology Help desk.

NC 27244 Copyright 2011Cuic.edu