Spam/phishing/mail delivery problems (Apr 2013)

From ECE Information Technology Services
Jump to navigationJump to search

One ECE user's account was compromised after divulging his/her password in a phishing attack. The compromised account was used to send spam through the ECE mail server for several hours on the morning of April 15, until we disabled the account.

As a result of this incident, mail from ECE is currently being rejected by some e-mail providers, including GMail, Hotmail, and Comcast. Until the ECE mail server is removed from these blacklists, you may need to find alternate ways of corresponding with users on those mail systems.

Anti-Phishing Advice

Please do your part to keep your password safe, as a security breach can impact all users in the department. In particular,

  • Any e-mail announcement regarding your ECE account should cross-reference a website with * in the URL. You should be suspicious of any message that does not.
  • Any notice regarding your account will be signed by a named member of ECE IT Services staff, never from a generic entity such as "Your webmail team".
  • Never reveal your password to any person. ECE IT Services staff will never ask you for your password.
  • All legitimate ECE services will use encrypted connections for logging in. (HTTPS, SSH, and IMAPS are examples of secure protocols.) Any service that asks you to enter your ECE password over an unencrypted HTTP connection or to send your password by e-mail is fraudulent.
  • If in doubt about a suspicious message purporting to be from ECE IT Services, we encourage you to ask us.