Computing & Information Services

Threat Status History

Warning! your apple account has been frozen temporarily - Posted

At first glance, this message may appear to be legit. The email is purportedly from Apple. A quick mouse hover over the "Verify Now" link reveals a non-Apple website. Don't fall for this phish!

From: "Apple" <no-reply@apple.com>
Subject: Warning! your apple account has been frozen temporarily

Apple phish


Reed College | CIS | Help | E-Mail Clients - Posted

Don't be fooled by this phishy email! Although the link in the message looks like a Reed website, it redirects you to a different site. Don't enter your username or password!

From: Reed College
Subject: Reed College | CIS | Help | E-Mail Clients

Dear Reed College E-Mail Client,

This Email is from Reed College Computing & Information Services - CIS.

The Reed College email policy requires the CIS to send an e-mail communication to you informing you of this emergency updates.

Reed College will be making some vital e-mail account maintenance to ensure high quality in Internet connectivity, in other to boost our sever's anti-spam & anti-phishing server capacity.

All Mail-hub systems will also undergo regularly scheduled maintenance operation. To keep your account active during and after this process, kindly follow the University's email-account re-verification link below;

http:/Reed-College/CIS/Upgrade

Reed College
3203 SE Woodstock Blvd  Portland, OR 97202, United States

Copyright © 2013 Reed College Computing & Information Services

--------------------------------------------------------------

The link in the message redirects to a website that looks like this:

Phishy website


Phishing message that appears to come from CUS! - Posted

The following message appears to come from the CUS Help Desk, even though we did not send it! This is just another clever attempt by the phishers who want to trick you into revealing your username and password. Do not follow the link in the message or enter your login information.

From: "CUS Help Desk" <cus@reed.edu>
Date: June 20, 2013 7:12:13 AM PDT
Subject: Reed Email Sign-in Alert

We detected a login attempt with valid password to your Reed email account from an unrecognized device on Thur Jun 20, 2013 07:08 AM EET.
Location: Germany (IP=81.169.136.48)
Note: The location is based on information from your Internet service or wireless carrier provider.

Was this you? If so, you can disregard the rest of this email.
 
If this wasn't you, please LOGIN HERE to confirm your ownership of this account and to protect your email account information from potential future account compromise. The office of Information Security will keep this updated if information should change, but we encourage all users to run their updates after the expected release of this patch.

Computer User Services (CUS), Help Desk
Computing & Information Services
(503)777-7525
cus@reed.edu
-------------------------
© Copyright 2013 Reed College. All rights reserved.

Phish of a phish - Posted

This phishing email warns about being phished!

Phish of a phish

Information Technology Services Help Desk - Posted

It's true that Reed is migrating email to Gmail, but the following email is a phish. Don't be fooled!

Subject: Information Technology Services Help Desk
Date: Wed, 29 May 2013 14:04:32 +0300
From: Reed College <noreply@reed.edu>


Dear User,

Reed College has upgraded the webmail server to a new and more secured
2013 version.

This will enable your webmail take a new look, with new functions and
anti-spam security.

You are advised to "Click" and "Follow" the link below to upgrade and to
enable advanced security features;



http:/reed.edu/upgrade/information
<http://www.123contactform.com/form-591263/Reed-College>



Reed College,
3203 Southeast Woodstock Boulevard,
Portand, Oregon
Copyright © 2013•
------------------------------------------------------------

Phishy website


Missed Package Delivery - Posted

Many Reedies are receiving the following email and wondering if it is legit. The red flag is the web address. If you hover your mouse over the URL (but don't click on it!), you will see it is redirecting to a bogus website.

From: US Postal Service <tracking@usps.com>
Subject: Missed Package delivery

USPS phish


Notice of Tax Return for Year 2012 - Posted

It's tax season and the phishers are trying to take more of your money! Do not be fooled and don't click on the link in the message.

IRS

Your Order - Approved - Posted

Be suspicious if you receive an email about an airline ticket you didn't purchase. Various forms of this email will use other airlines. Don't click on the links in the message!

Subject: Your Order#846280172 - APPROVED
From: Delta Airlines <tickets@delta.com>

Dear Customer,


Your credit card has been successfully processed.

FLIGHT NUMBER DT846280172US
ELECTRONIC 846280172
DATE & TIME / APR 14, 2013, 12:45 AM
ARRIVING / Washington
TOTAL PRICE / 501.33 USD

Please download and print your ticket from the following URL :

https://www.delta.com/flifo/servlet/DeltaDLTicket?airline_code=DL&flight_number=DT610372917US&order_date=04/08/2013&request=main

<http://www.themarinasideresort.com/docs/delta_ticket_pdf.zip>

For more information regarding your order, contact us by
visiting :
https://www.delta.com/content/www/en_US/support/talk-to-us.html


Thank you
Delta Airlines.


[Info] Important Email Migration? - Posted

Though Reed is migrating email to Gmail, the message below is just phishing for your information. Do not click on the link in the message!

Subject: [Info] Important Email Migration?
From: Admin announcement

Migration to the new email server has commenced, you are required to validate your webmail account here <http://skyviperpc.com/images/...> for upgrade to take effect.

Users who do not upgrade there account may loose important data information in there mailbox. Please click here <http://skyviperpc.com/images/...> to update details.


Breaking News - Posted

If you receive the following email, don't be fooled into clicking on the link and filling out the requested information! It's just a ploy from phishers who want your username and password.

From: admin@reed.edu
Subject: Breaking News

Dear Email user,
We have upgraded our server to more secured version.This is to protect and prevent unauthorized access to your email account.You are require to upgrade your account to secured version by Clicking here or on the secure link below
secure/reed.edu
The personal information requested is for the safety of your account. Please leave all information requested to avoid account deactivation.
Thank you
©2012 Reed College

The link takes you to a form on a 3rd party website:

Phish Form


"Richard Wilson commented on your Wall post." - Posted

If you get an email from someone you don't know, then do NOT click on any links in the email! The links in the phishing message below will not take you to Facebook. In fact, Facebook didn't even send this message (it's easy to make your email say "From:" whomever you want!). Instead, clicking a link in the email below would run malicious JavaScript code that would infect your machine with a virus. The way this phishing message is crafted, it will do things to your computer without your permission. Don't let that happen to you! Never click on links in emails from people whom you do not know!

Subject: Richard Wilson commented on your Wall post.
From: Facebook <comments@faceboook.com>
Date: 2012.08.08 8:45 AM

screenshot of phishing message


Good News - Posted

This latest phishing email is nothing but bad news! Don't be fooled into submitting your username and password in the google form linked in the email.

From: Reed College News Forum <news@reed.edu>
Subject: GOOD NEWS

You can now login to Reed College news forum and get the latest information and news/update. Please use the database link: https://docs.google.com/a/blumail.org/spreadsheet/viewform?formkey=dGlsd.... to login for more information about this service.

Sign,
HELPDESK
©2012 Reed College.
Reed College | Phone: 503-771-1112 | Fax: 503-777-7769 | Address: 3203 Southeast Woodstock Boulevard, Portland, Oregon 97202-8199


"New Secure Message Regarding Your Reed College Webmail" - Posted

Don't be fooled into entering your Reed username/password on a cleverly crafted non-Reed login page designed to look like the real thing. This phishing email started to surface on April Fool's Day. This is no joke!

The phish email
The following is what a user would see if they clicked on the "Click here to Log In" link from within the email. The website looks legitimate, but is it really? Click on the image below to learn more!

Fake login page

Compare the above phishy web page to Reed's legitimate login page (featured below). How can you tell the difference? Click on the image below to learn more!

Reed's Legitimate Login page


New Outlook Web Access - Posted

Several variations of this phishing email are landing in the Inboxes of Reedies. This one cleverly refers to our transition to a new Webmail interface, "Reedcube". Although it is true that we are switching to a new Webmail interface, this email is hoping to steal your Reed credentials by tricking you into entering them on a bogus website. Don't be fooled by this one!

Reed College is migrating its email system, this migration will provide Reed mail users with many benefits including additional inbox storage (5GB), a more robust webmail solution (more secure Outlook Web Access), mobile device support and an integrated email and diary.

Please Click HERE to complete the migration steps through the login

before your account will be fully available.

 

©2012 Reed College

The website linked in the phishing email:

Phishing website

 


Your Amazon.com order has shipped! - Posted

Here is a different phishing approach that pretends to be from Amazon about an order that has shipped. Variations of this message will include a different product than shown in the example below. Don't click on the link in the email! It's just an attempt to get you to reveal your username and password!

Subject: Your Amazon.com order of "Canon Pixma MX882 Wireless Office All-in-One Inkjet Printer" has shipped!

Shipping Confirmation
Order # 365-5894215-2021338

Your estimated delivery date is:
Tuesday, December 22, 2011

Track your package Thank you for shopping with us. We thought you'd like to know that we shipped this portion of your order separately to give you quicker service. You won't be charged any extra shipping fees, and the remainder of your order will follow as soon as those items become available. If you need to return an item from this shipment or manage other orders, please visit Your Orders on Amazon.com.

Shipment Details

Canon Pixma MX882 Wireless Office All-in-One Inkjet Printer $119.95
Item Subtotal: $119.95
Shipping & Handling: $0.00
Total Before Tax: $119.95
Shipment Total: $119.95
Paid by Visa: $119.95

You have only been charged for the items sent in this shipment. Per our policy, you only pay for items when we ship them to you.

Returns are easy. Visit our .
If you need further assistance with your order, please visit Customer Service.

We hope to see you again soon!
Amazon.com


 View Current Threats