Fraudulent e-mail sent to University accounts
The University notified students, staff and faculty Tuesday of a fraudulent e-mail and blocked the sender’s address from the University server.
This warning was a response to a phishing attempt asking individuals to supply MyUGA IDs, passwords, their birthday and “country or territory” via e-mail.
Phishing is a special category of spam. Spam asks individuals to visit a Web site, and phishing asks individuals to supply personal information.
The title of the false e-mail was “Verify Your UGA E-Email Account.” The message was tailored for those with uga.edu e-mail addresses.
This type of scam is known in the information security industry as “spear-phishing.” Spear-phishing differs from normal phishing in that the sender targets a particular group of people.
“Usually when you see phishing, there is a wide cast,” said Stanton Gatewood, chief information security officer for Enterprise Information Technology Services.
The false e-mail said the University was in the process of deleting old accounts and needed verification.
It said “Warning !!! Account owner that refuses to update his or her account within seven days of receiving this warning will lose his or her account permanently.”
Gatewood said EITS received questions about the e-mail Sunday night. On Monday, EITS’ employees spent the day containing the problem.
Gatewood said University servers receive hundreds of thousands of spam attempts each day, many of which are blocked before they reach inboxes. But some false e-mails find ways of going through security filters.
The fake e-mail was sent from ugateam01@bellsouth.net. Gatewood said EITS reported the problem to AT&T, the Internet Service Provider for bellsouth.net.
EITS blocked the sender from the University server.
“As soon as we became aware of what was going on, we blocked that e-mail on the sending side,” said EITS spokesman Bert DeSimone.
Desimone said passwords should never be supplied via e-mail. University usernames and passwords unlock more than e-mail for phishers. WebCT and student accounts are accessible.
