Phishing Scam Targets Universities
BSS Computing is forwarding this important warning from the SFSU central IT unit (DoIT):
San Francisco State University: NEVER send sensitive or confidential
information via e-mail.
Universities all over the world, including SF State, are being targeted in
the latest "spear phishing" scam e-mails.
Phishing is an attempt to trick people to reveal sensitive information,
such as passwords, birthdates, and credit card or bank account numbers, by
impersonating someone trustworthy. Spear phishing is a highly targeted
type of phishing typically directed at a particular institution.
These phishing e-mails claim to be sent from the university's e-mail
administrators, requesting verification of e-mail accounts. Messages have
a subject like 'VERIFY YOUR SFSU.EDU EMAIL ACCOUNT NOW' and begin 'Dear
sfsu.edu Email Account Owner'. An example of such an e-mail can be viewed
at: http://www.sfsu.edu/~doit/phishing/
SF State will never ask for you to send sensitive information via e-mail.
Never send sensitive information via e-mail; e-mail is not a secure form
of communication.
If you receive an e-mail you are not sure about -- do not reply -- forward
the e-mail to: abuse@sfsu.edu