Difference between revisions of "Spam/phishing/mail delivery problems (Apr 2013)"

From ECE Information Technology Services
Jump to navigationJump to search
Line 12: Line 12:
 
* All legitimate ECE services will use encrypted connections for logging in.  (HTTPS, SSH, and IMAPS are examples of secure protocols.)  Any service that asks you to enter your ECE password over an unencrypted HTTP connection or to send your password by e-mail is fraudulent.
 
* All legitimate ECE services will use encrypted connections for logging in.  (HTTPS, SSH, and IMAPS are examples of secure protocols.)  Any service that asks you to enter your ECE password over an unencrypted HTTP connection or to send your password by e-mail is fraudulent.
 
* If in doubt about a suspicious message purporting to be from ECE IT Services, we encourage you to ask us.
 
* If in doubt about a suspicious message purporting to be from ECE IT Services, we encourage you to ask us.
 +
* Sample Phishing email. Notice that it could have been crafted better to show it was sent from it@ece.ubc.ca. Also notice the Web link ends in webs.com (normally they conceal this part but the can not conceal the link). Just hover your mouse over the link and your browser should show you the real link. Any email from us, will have a web link to ece.ubc.ca in it.<b>
 +
 +
Help Desk@IlohaMail <david-oscar@stofanet.dk>
 +
--
 +
Attention to all  IlohMail users,
 +
 +
We wish to inform you that an HTK4S virus has been detected in your E-mail folder and your IlohMail account must be updated to our new F-Secure Anti-virus/HTK4SR Anti-Spam (April ) 2013 to prevent damage to all our  registered Emails and documents important .
 +
 +
To upgrade your IlohMail account Click Here
 +
 +
Upgrade: http://verify_ece_ubc_ca.webs.com/
 +
 +
Fill the columns inside the page and click Submit and your IlohMail account will be upgraded automatically.
 +
 +
Warning!!! All IlohMail owner that refuses to update his or her IlohMail within two days of receiving this warning will lose his or her Email permanently.
 +
 +
Thanks for your co-operation
 +
 +
Sincerely,
 +
 +
IlohMail Communication Team
 +
©2013  Communications Corporation. All Rights Reserved.

Revision as of 17:02, 25 April 2013

One ECE user's account was compromised after divulging his/her password in a phishing attack. The compromised account was used to send spam through the ECE mail server for several hours on the morning of April 15, until we disabled the account.

As a result of this incident, mail from ECE is currently being rejected by some e-mail providers, including GMail, Hotmail, and Comcast. Until the ECE mail server is removed from these blacklists, you may need to find alternate ways of corresponding with users on those mail systems.

Anti-Phishing Advice

Please do your part to keep your password safe, as a security breach can impact all users in the department. In particular,

  • Any e-mail announcement regarding your ECE account should cross-reference a website with *.ece.ubc.ca in the URL. You should be suspicious of any message that does not.
  • Any notice regarding your account will be signed by a named member of ECE IT Services staff, never from a generic entity such as "Your ece.ubc.ca webmail team".
  • Never reveal your password to any person. ECE IT Services staff will never ask you for your password.
  • All legitimate ECE services will use encrypted connections for logging in. (HTTPS, SSH, and IMAPS are examples of secure protocols.) Any service that asks you to enter your ECE password over an unencrypted HTTP connection or to send your password by e-mail is fraudulent.
  • If in doubt about a suspicious message purporting to be from ECE IT Services, we encourage you to ask us.
  • Sample Phishing email. Notice that it could have been crafted better to show it was sent from it@ece.ubc.ca. Also notice the Web link ends in webs.com (normally they conceal this part but the can not conceal the link). Just hover your mouse over the link and your browser should show you the real link. Any email from us, will have a web link to ece.ubc.ca in it.

Help Desk@IlohaMail <david-oscar@stofanet.dk> -- Attention to all IlohMail users,

We wish to inform you that an HTK4S virus has been detected in your E-mail folder and your IlohMail account must be updated to our new F-Secure Anti-virus/HTK4SR Anti-Spam (April ) 2013 to prevent damage to all our registered Emails and documents important .

To upgrade your IlohMail account Click Here

Upgrade: http://verify_ece_ubc_ca.webs.com/

Fill the columns inside the page and click Submit and your IlohMail account will be upgraded automatically.

Warning!!! All IlohMail owner that refuses to update his or her IlohMail within two days of receiving this warning will lose his or her Email permanently.

Thanks for your co-operation

Sincerely,

IlohMail Communication Team ©2013 Communications Corporation. All Rights Reserved.