Purdue University are Now Targeted by Phishing E-mail Campaign

A phishing e-mail is presently masquerading and aiming students, faculty, and staff of Purdue University (US), the claimed the University officials, as reported in purdue.edu on February 18, 2013.

The phishing e-mail with the title: "Email Box Security Alert" says "Purdue user, this is to inform you that an illegal IP address 845.173.12.1 has been found by our web admin login into your Email box. You are asked to confirm and upgrade your E-mail account manually for our new online security service by logging in into your e-mail account with the below link. You need to confirm your E-mail user name and Password to secure your inbox.

The above-mentioned text is chased by a link in the phishing e-mail, which demands to be clicked by the user of the phishing e-mail.

The e-mail ended up with a 'Thank You' from purdue.edu Admin.

Cherry Delaney, Security and Awareness Outreach Coordinator, Networks and Security Group at ITP (Information Technology at Purdue), claims phishing t be a hacking method employed throughout the world, according to a statement released by purdueexponent.org on February 21, 2013.

Till now, 100 Purdue students have been affected, and e-mails are still approaching. Universities are a huge target for these types of e-mails as there will always be extra students and faculty approaching.

"We've had 120 affected accounts till now," Delaney claims. Delaney is afraid that if the hackers get into the system, there is a chance that they might use the computers of the students and utilize them in sending out more spam to another students and faculty members.
To classify the e-mails from Purdue with other fake mails, students should be aware. Password or any confidential information that are personal to the students is never being asked through mails.
David Shaw, Chief Information Security Officer at Purdue, believed that the Group is working towards informing people realize how hazardous these emails can turn to be, as per the statement published by purdueexponent.org on February 21, 2013.

IT Officials further said in the event that students have already accessed the e-mails. It is highly recommended that they change their Purdue career account password, password challenge questions, and install Internet security software on their computer's to evade being victimized by such scam e-mails.

Related article: PIRT Brings Down Phishing Sites To Help Limit Damage

» SPAMfighter News - 2/27/2013