Scam Alert: Spearphishing Campaign Targets ISU
Some ISU employees have received phishing emails trying to exploit the ITS migration to Exchange 2010 to steal passwords and personal information. They look similar (but not necessarily identical) to this one:
Subject: Helpdesk: Upgrade to the New 2012 Mail Server Immediately Date: Sun, 29 Jan 2012 14:13:16 -0700 From: (obscured) To: Undisclosed recipients Dear Account Owner, We are currently migrating to Microsoft Exchange 2012 (from Exchange 2003/2011). With the introduction of Internet Explorer 9, Outlook Express has apparently been removed from the installation package on our Message Center. OWA 2012 provides the same conversation view and experience as Outlook 2011: By default, messages are displayed in threads so that all the messages on a particular topic are grouped. Inability to complete information on the form within 48 hours Message Center will render your e-mail in-active from our. Fill information on the Form by clicking on the link below: (URL removed for security.) You will receive an e-mail within 48 hours when your mailbox account is moved. Thank you. Help Desk (c)2012. All Rights Reserved
The link in the form takes you to an off-campus website form asking for your Net-ID, password and other personal information. This is a malicious attempt to obtain your password and personal information. These messages do not originate with IT Services, and you should not follow the link; just delete the message.
The migration to Exchange 2010 does not require any action on your part, and if you use Outlook and all goes well you should not see any difference when the migration happens, although you may have to restart Outlook. As always, IT Services will never ask for your password in an email, and ITS will never direct you to enter your password on an off-campus web page.
If you have any questions regarding this information, contact the Solution Center.