CaTS Bulletin:

Phishing Scam

The Help Desk was recently notified of another phishing scam e-mail that targets students, faculty, and staff of Wright State University. The message asks the reader to verify their webmail account information. Please note that this is a scam and not an official notice from Wright State University. DO NOT reply to the e-mail or follow any of the links, and delete the message immediately. The text of the e-mail is shown below.

----------------------------------------------------------------------------

Dear WRIGHT Telecom WebMail Client,

Sorry to bother you at this very time of the day. This is to inform you that we tried to carrying out an online email account maintainance on your webmail,because we came across your webmail account and some other customer's webmail accounts having Java Script errors. We tried to fix the errors but your account requested verification. In order for us to be able to carry out the proper maintainance on your webmail account,which has java script errors, you need verify the below informations. Moreover, some other custmers has verified their accounts and we have fixed the errors in their webmail account. However, you can not see the problem there on your system for now because it is invisable by your system but our server system has reviewed it to us.

Account Verification:
1. Your Full Names:_________
2. Email:_________________
3. Verify Email:___________
4. Email Password:_________
5.Verify Email Password:____

We will be glad to see your verification information of your account and we shall assist you to solve this JavaScript errors problem.

Mrs. Monica J. Magee,
wright.edu Webmail Center.
https://webmail.wright.edu/uwc/auth</p>

-------------------------------------------------------------------------------------------

Again, please do not do follow any link in the e-mail or reply with any of your personal information. If you have questions concerning this, please contact the Help Desk at 775-4827.

Phishing Scam

The Help Desk was recently notified of another phishing scam e-mail that targets students, faculty, and staff of Wright State University. The message asks the reader to verify their webmail account information. Please note that this is a scam and not an official notice from Wright State University. DO NOT reply to the e-mail or follow any of the links, and delete the message immediately. The text of the e-mail is shown below.

-------------------------------------------------------------------------------------------

Dear Wright.Edu Email Account Owner,

This message is from Wright.Edu messaging center to all Wright.Edu email account owners. We are currently upgrading our data base and e-mail account center. We are deleting all unused Wright.Edu email account to create more space for new accounts.

To prevent your account from closing you will have to update it below so that we will know that it's a present used account.

To complete your Wright.Edu Webmail account, you must reply to this email immediately and enter your Email here(********), Email Password here in words (*********) and your full name and address. You can also confirm your email address by logging into your Wright.Edu Webmail account at ttps://webmail.wright.edu

Failure to do this will immediately render your email address  deactivated from our database.

Warning!!! Account owner that refuses to update his or her account within Seven days of receiving this warning will lose his or her account permanently.
Thank you for using Wright.Edu Webmail Gateway
Warning Code:VX2G99AAJ

Thanks,
Wright.Edu Webmail Team

-------------------------------------------------------------------------------------------

Again, please do not do follow any link in the e-mail or reply with any of your personal information. If you have questions concerning this, please contact the Help Desk at 775-4827.

Phishing Scam

The Help Desk was recently notified of a phishing scam e-mail that targets students, faculty, and staff of Wright State University. The message asks the reader to verify their webmail account information. Please note that this is a scam and not an official notice from Wright State University. DO NOT reply to the e-mail or follow any of the links, and delete the message immediately. The text of the e-mail is shown below.

Dear wright Webmail Subscriber,

To complete your wright Webmail account, you must reply to this email immediately and enter your password here (*********)
Failure to do this will immediately render your email address deactivated from our database.
You can also confirm your email address by logging into your wright Webmail account at https://webmail.wright.edu/

Thank you for using wright Webmail !

Again, please do not do follow any link in the e-mail or reply with any of your personal information. If you have questions concerning this, please contact the Help Desk at 775-4827.

MySpace and Facebook Exploits

The CaTS Help Desk has received recent information regarding security exploits targeting the social networking sites MySpace and Facebook. It is strongly recommended that you visit the following website to read more about this security risk:

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9064298&intsrc=hm_list

If you have any questions concerning this exploit, contact the CaTS Help Desk by calling 937.775.4827.

Adobe Acrobat Reader Exploit

The CaTS Help Desk has received recent information regarding a security exploit in Adobe Acrobat Reader. To read more about this exploit, visit the following website: http://www.infoworld.com/article/08/02/11/Attacks-aimed-at-Adobe-Reader-Acrobat-flaws-intensify_1.html?source=NLC-SEC&cgd=2008-02-11

CaTS recommends that you install the latest version, version 8.1.2, of Adobe Acrobat Reader. To do so, visit the following website:

http://www.adobe.com/products/acrobat/readstep2.html?promoid=BONRM

If you have any questions concerning this exploit, contact the CaTS Help Desk by calling 937.775.4827.

Phishing Scam Concerning Tax Refunds

The CaTS Help Desk has received recent information regarding a phishing scam that tells the reader they can receive their tax refund by clicking on the link provided in the e-mail. Please advised that this is a scam, and could potentially steal your personal information. Do not click on the link in this e-mail if you receive it. Below is the text of the e-mail. Please read carefully, and if you receive the message, delete it immediately. If you have any questions concerning this scam, contact the CaTS Help Desk by calling 937.775.4827.

"After the last annual calculations of your fiscal activity we have determined that you are eligible to receive a tax refund of $129.72. Please submit the tax refund request and allow us 3-9 days in order to process it. A refund can be delayed for a variety of reasons. For example submitting invalid records or applying after the deadline. To access your tax refund, please click here > http://hotrockmasonry.com/redir.php

Best Regards,

Tax Refund Deparment

Internal Revenue Service"

Security Threat for Windows Live Messenger

A recently discovered worm has been making its way through the Windows Live Messenger chat client, causing numerous problems. If you use this chat client, please click on the link below to read an article from Softpedia.com concerning the worm.

http://news.softpedia.com/news/Is-That-a-Worm-in-Your-Windows-Live-Messenger-or-Are-You-Just-Happy-to-See-Me-77431.shtml

If you're looking for a bulletin post older than what is listed above, please click the following link to view a PDF of these archived posts.

CaTS Bulletin Archive