Information Security

A series of phishing attacks purporting to be from the Internal Revenue Service have been reported to Information Security Services by WVU users. While the exact language varies, all of the e-mails require the user to click on a link to provide their personal information to secure their federal tax “e-Refund.” The links take the user to official looking forms hosted on web servers in Denmark, Russia, and other foreign countries.

Defend Your Data! Do not fall for these phishing attacks by providing your birth date and Social Security number to identity thieves. Forward these e-mails as an attachment to defendyourdata@mail.wvu.edu and then delete them from your inbox.

Two messages, now circulating around campus, contain harmful attachments that if the unsuspecting user opens, will trigger a virus. Both emails appear to come from a valid “mail.wvu.edu account,” either “Fax Server ” or “Xerox WorkCentre < xerox.device@mail.wvu.edu>.”

Do not open the attachment. Forward the email to DefendYourData@mail.wvu.edu and delete.

An email is now hitting WVU email accounts claiming that unless the unsuspecting user “confirms” their account information, their Amazon account will be suspended. Users are directed to click on a link that resembles the UK website of Amazon and provide their email address and password. Once there, users are taken to a second page and asked for more information.

Ignore and delete this email. Merchants like Amazon do not communicate account information in this form. Stay skeptical and Defend Your Data! More information is located at:

http://www.amazon.com/gp/help/customer/display.html?nodeId=15835501

A new phishing attack is hitting WVU email accounts claiming to come from the “Service Desk Coordinator” at WVU. The attack claims that all incoming email to a user account have been suspended pending a required update. Clicking the included update link takes the user to a very convincing forgery website that appears to be WVU MIX. However, the browser web address is http://2swans.co.za/mix.htm and is designed to steal your information.

IGNORE this e-mail, and forward it as an attachment to defendyourdata@mail.wvu.edu. If you did enter your information on this forged site, go immediately to the myid.wvu.edu website and change your password. If you use the same password on other accounts, such as Facebook, change that password to a different one as well. Neither WVU nor any other legitimate agency will ever send an email of this type. Think before you click!

An email that claims to be from WVU Human Resources is circulating around campus. The email states that the family of Gerry Ohara needs to employ a babysitter, and provides a return gmail.com account with a WVU Human Resources signature. This email is a fake and a possible phishing attack.

If you reply to this email, you will likely see in an increase in Spam and a request for personal information from a scam artist. Do NOT reply to this e-mail. Forward the message as an attachment to defendyourdata@mail.wvu.edu and delete it from your inbox.

On July 12, 2012, 450,000 Yahoo! Voice accounts containing email and passwords in clear text were released. The handful of individual WVU users who appeared on the list are being contacted directly. If you are concerned about your account, go to http://dazzlepod.com/yahoo and enter your information in the search box.

This hack emphasizes the importance of never reusing your WVU password on other accounts. A hack of an external, private account could give data thieves access to WVU resources using your login.

For help on creating memorable strong passwords, please visit: http://oit.wvu.edu/infosecurity/create-strong-passwords/.

An email signed by Larry Peterson lpeterson@weavemail.com, purporting to represent “WVU Collaborative Networks,” is arriving in WVU email. While the website, Collaborative Networks, appears to be legitimate, the sender is not a WVU employee and “WVU Collaborative Networks” is not an official WVU initiative.

Information Security Services is seeking more information regarding this site and the use of “WVU” on the Collaborative Networks website. Please ignore this invitation and do not enter any personal or business information at this website pending further investigation.

A phishing attack that appears to come from WVU Web Services is appearing in campus email inboxes. The email notifies the recipient that their webmail access is about to expire, and a link is provided to update your credentials. DO NOT click on this link. It goes to a marketing website housed in Russia and is obviously NOT a WVU resource!

This is a classic phishing scam seeking to capture your login/password credentials. If you did fall victim to this attack, contact WVU Information Security for assistance: Information_Security@mail.wvu.edu

For more information on how to identify and avoid phishing attacks, visit: http://onguardonline.gov/phishing

One of the most common data security breaches reported by WVU students involves both their social networking and WVU MIX accounts. Most often, they used the same username and/or password on both sites. This gives a data thief easy access to personal information.

Reusing login credentials may be convenient, but it is not secure. This practice exposes the user to increased threat of identity theft or malicious use of multiple personal accounts. NEVER reuse your WVU login credentials, username, and/or password, on any other web-based private account. At the very least, use a different strong password for all of your private accounts. Don’t give a data thief one key to unlock all of your private information.

For more information contact: Information_Security@mail.wvu.edu

Email phishing attacks are on the rise. While the Office of Information Technology is able to filter out the vast majority of these attempts, some may still make it through to your inbox.

A recent phishing attempt seen on campus appears to come from the Internal Revenue Service and requests the user click a link to review their tax statement. NEVER click on a link or open an attachment that comes in an unsolicited email. Doing so could open your PC to malware and expose you to identity theft.

For more phishing information and what you can do to avoid being a victim, please visit:

http://oit.wvu.edu/resources/scams/
http://www.ftc.gov/bcp/edu/pubs/consumer/alerts/alt127.shtm
http://www.antiphishing.org/