Description: CSRT continues to see an increase in customized attempts to obtain University of Tulsa usernames and passwords.
The most recent attempts of concern for TU faculty, staff, and students, are email phishing attempts that disguise themselves as information requests due to the upgrade of the University of Tulsa web mail system.
The latest of these e-mail phish attempts are at the bottom of this post.
Recommendations: Please be aware, that University of Tulsa Computer Support Personnel will never ask for your password in email, over the phone, or in person. We will also never send URL 'links' in an email, attachments, or provide specific instructions in email form. If there are any doubts on the legitimacy of an email, delete the email, and contact your designated Computer Support person or the Help Desk, x3500. As always, please check back on the Computer Security Response Team website (this website) for more information concerning Computer Security related items. Additional information about what you can do to combat phishing is available at http://www.antiphishing.org/consumer_recs.html
Utulsa Webmail Phish Example
Note: Italics are used to point out the traditional spam or phish fingerprints.
Dear Utulsa Webmail Subscriber
This message is to inform all our {Utulsa} webmail users that we will be
maintaining and upgrading our website in a couple of days from now. As a
Subscriber you are required to send us your Email account details to
enable us know if you are still making use of your mail box.
Be informed that we will be deleting all mail account that is not
functioning to enable us create more space for new users, You are to send
your mailaccount details which are as follows:
*User Name:
*Password:
*Date of birth:
You can also confirm your email address by logging into your account
at https://webmail.utulsa.edu/imp/login.php before sending us the
required information.
WARNING: Any of our webmail user that refuses to send his/her verification
details within the next seven(7) days of receiveing this message and
failed to respond will be deleted immedately from our database.
Verification code: Utulsa:0090-009
Thank you for using Utulsa!
From The Utulsa Support Team.
© Utulsa Support Team
Disclaimer: This information is intended to help students, faculty, and staff at The University of Tulsa, no one else. Some information contained in this advisory may be specifically tailored to our systems. Some of the recommendations in this advisory may cause harm to non university systems. If you are not a student, faculty member, or staff member at The University of Tulsa and find this information helpful we are pleased, but do not call or email the Computer Security Response Team or the helpdesk for further information.
