Phishing Alerts

1/11/14 Illegal Sign-in Alert

UA Information Security received a report of a new version of a spear phishing email that originally hit campus on December 17, 2013.  If you have received this email, please delete it.  If you responded or clicked on any links in the email, please contact your local IT support or the 24/7 IT Support Center as soon as possible.

Following is the text of the spear phishing email, with email addresses and URLs redacted.

1/8/14 Important Security Information

Some members of the UA community have received a spear phishing email this afternoon, although spam filters seem to be catching it and sending it to the junk mail folder.  The email contains a UA logo, which may lead some to believe it is a legitimate email. 

If you have received this email, please delete it from your email box.  If you responded or clicked on any links, please contact your IT support immediately, or the 24/7 IT Support Center. 

<UA LOGO INSERTED HERE>

12/19/13 IT Help Desk Information

Another phishing attempt was forwarded to UA Information Security this morning.  If you receive this email, please delete it from your mail box. 

Phishing email text:

From: Michelle Sweet <MSWEET_at_EMAIL ADDRESS REMOVED>
Date: Thursday, December 19, 2013 8:23 AM
To: Michelle Sweet <MSWEET_at_EMAIL ADDRESS REMOVED>
Subject: RE: IT HELP DESK INFORMATIO​N

Your account safety is our top priority.

12/17/13 Illegal Sign-in Alert

Members of the UA community reported receiving a phishing email today.  If you receive this email, please delete it from your email box.  Do not click on the link or respond to it.

Following is the spear phishing message (URL redacted):

12/9/13 Email Account Validation

A spear phishing message with an attachment was received by some members of the UA community Monday, December 9, 2013.  The body of the email read as follows:

11/26/13 Incident ID:F4700791056

We received a phishing report this morning  of an email that directs the recipient to click on a link to update User Preferences in Outlook (see message below).  This is a phishing scam.  Please delete it from your mailbox.

11/19/13 Income

The following email was received by campus staff members today. If you have received the email, please delete it.
 
 
From: Lea Fisher [EMAIL ADDRESS REDACTED]
Subject: Income
 
Hello,
 
Please email me if you want to make some extra money.

11/18/13 Helpdesk Administrator

A phishing email was forwarded to UA Information Security with the subject line "Helpdesk Administrator." The email read as follows:
 
Your password will expire in 2 days. Would like to change it now? click here <URL Removed>:
 
If you receive this email, please delete it. Do not respond or click on any links.

11/11/13 NetID is Limited

UA Information Security received a report of the following spear phishing email:
 
Subject: NetID is Limited
To:
 
Arizona Alert - IT support ,
 
Dear Account User, you may loss your Google / NetID Account, if you don't re-validated in 12 Hours for the new Upgrade.
 

11/5/13 Deletion Policy for U-System/Email Accounts

Campus experienced a spear phishing attack this morning that was addressed to students, informing them that they should go to a website to view a new deletion policy for email accounts. The link led to a page that looked similar to the UA web auth page.

If you entered your credentials in the faked web auth page, please change your NetID password immediately.