February 21, 2012
More phishing warnings--"Important Notice" spam

We seem to be getting more of these and more clever ones. Last night many of you recieved an email with the following in the body:

Your email account has been reported for numerous spams Activities from a foreign ip recently. As a result you may not be able to receive or send new mail.

However, you might not be the one promoting this Spam,as your email account might have been compromised. To protect your account from sending spam mails, You are to confirm your true ownership of this account by following this link below, fill the form and login again to your webmail...

Particularly insidious, it spoofs the Solution's Center email address as well as a solutions center footer and ISU logo. Needless to say it is NOT from the Solution's Center. Solution's Center staff will never ask you to go to an external site and enter your Net-ID and password.

DO NOT respond to this or similar email. DO NOT input your Net-ID and password into a link that is not on the iastate.edu site (I'm not going to reproduce the link here, but it clearly points to a non-iastate.edu site).

I recommend always going to the site (for example: asw.iastate.edu) directly rather than clicking on a link if you're being asked to put in your Net-ID and password.

If you ever have questions about whether an email is legitimate, please call 515-294-1725 or email the hotline at eithotline@iastate.edu

Posted by dcoates at 09:16 AM
February 06, 2012
Remember: Don't Give Away Your Password

Recently, university IT Services has learned that staff are receiving emails like the following:

Subject: Helpdesk: Upgrade to the New 2012 Mail Server Immediately Date: Sun, 29 Jan 2012 14:13:16 -0700 From: (obscured) To: Undisclosed recipients

Dear Account Owner,
We are currently migrating to Microsoft Exchange 2012 (from Exchange 2003/2011). With the introduction of Internet Explorer 9, Outlook Express has apparently been removed from the installation package on our Message Center. OWA 2012 provides the same conversation view and experience as Outlook 2011: By default, messages are displayed in threads so that all the messages on a particular topic are grouped. Inability to complete information on the form within 48 hours Message Center will render your e-mail in-active from our. Fill information on the Form by clicking on the link below:

(URL removed for security.)

You will receive an e-mail within 48 hours when your mailbox account is moved.
Thank you.
Help Desk
(c)2012. All Rights Reserved

Where the link in the email takes you to an off-campus website where you're asked to enter your NetID, password and other personal information.

Some things to remember:

  1. Important email from EIT and generally from IT Services on campus will come from an individual not 'Help Desk' or 'ISU Support'
  2. You can ALWAYS double-check an email (particularly one you think might be legitimate, but which doesn't have a legitimate staff person's name associated with it) by sending email to eithotline@iastate.edu or calling the Computer Support hotline at 515.294.1725.
  3. NEVER enter your NetID and password on a webpage that's not clearly identified as an extension.iastate.edu or iastate.edu webpage. If you have doubts, type in the URL (for example, exchange.iastate.edu or asw.iastate.edu) directly.
  4. If you feel you've entered your NetID and password on a non-ISU site, change your password immediately. On Windows machines, type Ctrl-Alt-Del and select Change Password. Or go to asw.iastate.edu, login, and select Change Password.
Posted by dcoates at 02:52 PM