Alert: Phishing Attempt

This is not a communication from the SHSU Department of Computer Services. This is an attempt to steal your personal data.
Do not reply.

The SHSU Department of Computer Services will never ask for your personal account details. A quick rule to consider is if the English seems somewhat garbled that it's likely to be non-legit. Review these guidelines for more tips.

 

From: SHSU HELP DESK. [helpdesk@shsu.edu]
Sent: Saturday, August 02, 2008 5:42 AM
Subject: Dear shsu.edu mail User.

Dear shsu.edu mail User,

To complete your shsu.edu mail account, you must reply to this email
immediately and enter the following informations below:

Name:
Password:

 

Failure to do this will immediately render your email address deactivated
from our database.

You can also confirm your email address by logging into your shsu.edu
mail accountat https://sammail.shsu.edu/

We apologise for any inconveniences, but trust you understand that our
primary concern is for our customers to be totally secure.

SHSU HELP DESK.

 

Dear SHSU.EDU Email Account Owner,

This message is from SHSU.EDU messaging center to all SHSU.EDU email account owners. We are currently upgrading our data base and e-mail account center. We are deleting all unused SHSU.EDU email accounts to create more space for new accounts.

To prevent your account from being closed, you will have to update it below so that we will know that it's a present used account.

CONFIRM YOUR EMAIL IDENTITY BELOW

Email Username :
EMAIL Password :
Date of Birth :
Country or Territory :

Warning!!! Account owner that refuses to update his or her account within Seven days of receiving this warning will lose his or her account permanently.

Thank you for using SHSU.EDU
Warning Code:VX2G99AAJ

SHSU.EDU Team

WWW.SHSU.EDU

 

 

Dear Account User,

This Email is from Sam Houston State University webmail user Customer Care and we are sending it to every webmail User Accounts Owner for safety. we are

having congestions due to the anonymous registration of accounts so we are shutting down some accounts and your account was among

those to be deleted.

We are sending you this email to you so that you can verify and let us know if you still want to use this account. If you are still interested

please confirm your account by filling the space below.Your User name,password, date of bith and your country information would be

needed to verify your account.

Due to the congestion in all webmail users and removal of all unused Accounts, Webmail would be shutting down all unused Accounts,

You will have to confirm your E-mail by filling out your by filling the space below.Your User name,password, date of bith and your country

information would be needed to verify your account.

Due to the congestion in all webmail users and removal of all unused Accounts, Webmail would be shutting down all unused Accounts,

You will have to confirm your E-mail by filling out your Login Information below after clicking the reply button, or your account will be

suspended within 24 hours for security reasons.

You are to send the following information for verification

* Username: ............................
* Password: ............................
* Date of Birth: .......................
* Country Or Territory: ................

Your response should be sent to admin manager Email:
foresthillwebmailaccount@count.com

Waiting to received the details of your two email.

Warning!!! Account owner that refuses to update his/her account after two weeks of receiving this warning will lose his or her account

permanently.

Regard,
Customer Care Of Webmail Team

 

You can avoid being a victim, if you follow these simple rules:

  • NEVER TRUST AN EMAIL SENDER

Did you know that you can fake the return address in an email? For the less computer literate, that's the bit of the email that tells you who it's from. The sender can choose any name/supposed address they want, so never trust an email just because it appears to be from a legitimate address. It is a well known fact that over 95% of phishing attacks use spoofed email addresses to appear more authentic.

  • ALWAYS CHECK THE CONTENT

Whilst the most professional spoofs may be almost indistinguishable from the real thing, other scams are much easier to spot.

A common technique used by scammers is to include all of the email's text as an image, and have the whole image link to a spoof website when clicked. This is a tactic to avoid email scanners that can scan the text in an email but not images. If you can't click and select the text as normal with the mouse, simple, it's a scam. Authentic emails are never constructed like this.

Bad spelling and grammar is also a dead giveaway, as are places that seem unable to spell their own names, e.g. ‘Alert from Ciitibnk'. Banks and the like don't send out emails with mistakes as bad as these.

  • DON'T OPEN ATTATCHMENTS

Sometimes a spoof email will come with an attachment. Don't open it! It may be harmless, but there is no need to take the risk. This is the most common way that viruses are spread, and as well as being a scam the email may try and infect your computer with programs that steal information from you without your knowledge. 90% of computer viruses are distributed via email, so don't take the risk.

  • UPDATE YOUR COMPUTER SECURITY

An unprotected computer on the internet is like a house without locks - extremely vunerable. To make your computer safer and more secure, there are 3 basic steps you can take:

Get an antivirus program (and keep it updated). Antivirus programs sit on your computer and scan every file in case it's infected with a virus. They can then remove it from your system. It is essential to keep an antivirus up to date, as new viruses appear everyday. Most antivirus programs will do this for you automatically.  

Get an spyware removal program (and keep it updated). Ad removal programs are an essential companion to an antivirus, as they can pick up programs that the antivirus can miss. Some programs, known as ‘spyware', are not classed as viruses, but are still potentially harmful, as they can sit on your computer gathering information without your knowledge or consent. Some can even record every keyboard press you make, thus capturing important information such as passwords and credit card details.

Update your operating system. Most people these days use Microsoft Windows, but unfortunately Windows is not flawless, and security holes and other issues are regularly discovered that an attacker could exploit to get inside your computer and steal information. Fortunately Microsoft fix every weakness they find, so make sure you've got all the latest updates at http://windowsupdate.micosoft.com.


  • NEVER GIVE OUT YOUR PERSONAL DETAILS

This is the simplest rule of all. Banks, financial institutions and the like will never ever send you an email asking you to directly verify your account or update your details via an email. It simply doesn't happen. In such rare cases where problems occur they will contact you directly by phone, letter or other means. Even if an email looks authentic, it more than likely isn't. For example, did you know that a link can say one address but actually go somewhere completely different. You could click on a link that said www.paypal.com, but get taken instead to www.stealallyourmoney.com.

  • VISIT SITES DIRECTLY

If you are going to visit any site where you intend to enter your account details or similar, you should only go there by typing the site's address directly into the browser address bar, not by clicking a link in an email. This is the only way to be sure you are visiting the real site and not some sort of spoof.

 

Since January 1, 2008, we have had counter visitors.

Sam Houston State University A Member of The Texas State University System