Phishing Alert - Please be on guard for phishing!

Non-Emergency Construction Projects, Outages, IT Notices

Phishing Alert - Please be on guard for phishing!

Postby jimm » Mon Aug 20, 2012 7:46 am

Fresno State continues to be the target of a number of attempted phishing and "spear phishing" attacks and we are asking that you please watch for these and avoid responding to fraudulent messages.

Technology Services will never ask you to click on a link in an email from our department as a way of addressing any issue with your Zimbra account. We will also never ask that you send us your email user ID and password via email.

"Spear Phishing" involves e-mail spoofing fraud attempt that targets a specific organization, seeking unauthorized access to confidential data. For Fresno State, these may be crafted to appear as if they come from the University, Technology Services, our Help Desk or email administrators. They may mention Zimbra specifically in an effort to convince users they are legitimate messages. As these may ask you to click on a link to take action regarding your account or may ask you to respond with your email user ID or password, you can be sure that they are not legitimate. Please delete any such messages you receive. If you are in doubt about a message, please call our Help Desk at 559.278.5000 for assistance.

I have provided a recent example of a "spear phishing" email below to highlight a few features of these that you can watch for in working to avoid falling victim to phishing. This message asks you to click on a link to take action regarding your account, mentions Zimbra repeatedly to appear authentic and appears to call for urgent action. This example is not very well crafted as it does not appear to come from a Fresno State department or staff. You can clearly see that it was sent from an email address in Italy ( and is not written in a style you would expect to see in messages from Fresno State.

Other "spear phishing" messages are better crafted but you can spot them by their effort to gain access to your email user ID, password or other confidential information. Please be diligent and don't be taken in by these messages! If you have questions or concerns about phishing, please call our Help Desk or email me at

We will continue to make every effort to prevent these phishing attacks and to raise awareness of this threat.

Thank you,

Jim Michael - Technology Services


From: "zimbra webmail" <>
Sent: Friday, August 10, 2012 11:18:00 AM
Subject: Zimbra! Email Deletion Confirmation



D ear subscriber,

1. You requested your Email Account on August 10, 2012 at 11:02 PM CS to be deactivated and deleted from a location in with this IP number;

2. Click on (LINK DELETED FOR SECURITY) to cancel this request; else your email account will be deactivated and deleted within 24 hours

3. Do not share your password with anyone for your security purpose. Thank You for Being A Loyal Zimbra! Mail User
We hope you enjoy the newest version of Zimbra! Mail.

Zimbra! Mail

The newest version of Zimbra! Mail is governed by these new Terms of Service , Communication Terms of Service and Privacy Policy .

Please do not reply to this message. This is a service email related to your use of Zimbra! Mail. To learn more about Zimbra!'s use of personal information, including the use of Web beacons in HTML-based email, please read our Privacy Policy . Zimbra! is located at 701 First Avenue, Sunnyvale, CA 94089 .
Posts: 0
Joined: Wed Jun 27, 2012 9:44 am

Return to Alerts