Spear phishing attack

From ECE Information Technology Services
Jump to navigationJump to search

Fraudsters have been launching a spear-phishing attack against ECE e-mail users. Please disregard messages asking you to log in on non-ECE and unencrypted websites, such as the one below.

From: The University of British Columbia <mistyblue01@atlanticbb.net>
Subject: UBC info centre


Electrical and Computer Engineering
The University of British Columbia
5500 - 2332 Main Mall
Vancouver BC V6T 1Z4
Canada

Deal All

A private message have been sent to you by the HEAD of department. Use the link below to Login and view your message.

http://[REDACTED].webs.com/

Sign.
HEAD of department
UBA info centre
© Copyright 2013 The University of British Columbia


What to Do

If you have fallen for the scam, change your password immediately.

More Information About Phishing

ECE IT Services does not normally nag users after every phishing attack. However, this one is specifically targeted to ECE and therefore deserves special mention.

To protect yourself and the department's computing resources, please be aware:

  • Any e-mail announcement regarding your ECE account should cross-reference a website with *.ece.ubc.ca in the URL. You should be suspicious of any message that does not.
  • Any notice regarding your account will be signed by a named member of ECE IT Services staff, never from a generic entity such as "Your ece.ubc.ca webmail team".
  • Never reveal your password to any person. ECE IT Services staff will never ask you for your password.
  • All legitimate ECE services will use encrypted connections for logging in. (HTTPS, SSH, and IMAPS are examples of secure protocols.) Any service that asks you to enter your ECE password over an unencrypted HTTP connection or to send your password by e-mail is fraudulent.
  • If in doubt about a suspicious message purporting to be from ECE IT Services, we encourage you to ask us.
  • Pay attention to details of your e-mails. For example, in the sample message above, the From-address should raise your suspicion.
  • Also notice similar attempts to get Faculty And Staff (FAS) email users to type in their ID/passwords on Phishing websites such as: http://suopport.info/2/ It has copied UBC FAS mail image, but it is not encrypted (https), has a spelling mistake in the site name and it is not from ubc.ca.