Page 1 of 1

Recent "Spear Phishing" Attackes Targeting Fresno State

PostPosted: Fri Jun 29, 2012 9:35 am
by jimm
You probably have seen email messages resulting from several recent "spear phishing" attacks against our campus. The two most recent of these have been particularly convincing and several users were duped into providing their email credentials. Our staff has taken the necessary steps to secure the accounts of these users.

The most recent attack used a forged, or "spoofed", email address so that it appeared to come from our Help Desk. This phishing email has the subject “CSUFRESNO.EDU! Mail is upgrading: What it means for you.” and appears to come from “Zimbra Upgrade!!! Mail for CSUFRESNO.EDU"

This phishing email uses the promise of a Zimbra upgrade in an effort to lure users to a website at webs.com where they will be asked for personal information including their name, email address, username and password. Please don't click on the link in this message. If you receive this phishing email, please delete it from your inbox and trash.

We will not use email to ask you to provide personal information except in the specific case where you are reminded to log in to the myfresnostate portal to change your password. Any email asking you to send your userid or password, and asking you to click on a link to update your userid or password, should be treated as a phishing attempt and we encourage you to delete these messages.

As always, if you have questions or concerns about email, or any of the services we provide, please contact our Help Desk.

Thank you, Jim Michael - Technology Services