
Archives For phishing

Phishing Attempt

By Monica Lavin
Posted on 29 June 2015 | 10:11 pm

Information Security has been alerted to a phishing email that is being delivered to accounts at the College. This does not indicate that your account has been compromised. The email has the subject: “Fraudulent CC charge from XXXXXXXX@cofc.edu”.

The body reads:

“I have this $582 charge on my card from XXXXXXXX@cofc.edu

I am attaching my credit card statement, please cross reference it with your data and tell me what this is.

I wanted to contact you before I call the authorities.

Regards,

Derek L. Cody”

The email is being delivered with an attached file titled “Statement.doc”.

Please do not open the attachment and immediately delete the email and empty your “Trash” folder.

If you have any questions or concerns, please contact the Information Technology Helpdesk at (843) 953-3375 or by emailing helpdesk@cofc.edu.

Holiday Season Phishing Scams and Malware Campaigns

By Monica Lavin
Posted on 2 December 2014 | 8:08 am

The Information Security team would like to share some Holiday Information Security Tips provided by the United States Computer Emergency Response Team (US-CERT). This is an especially active time for scammers!

As the holidays approach, we would like to remind you to be aware of seasonal scams and cyber campaigns, which may include:

  • electronic greeting cards that may contain malware
  • requests for charitable contributions that may be phishing scams and may originate from illegitimate sources claiming to be charities
  • screen savers or other forms of media that may contain malware
  • credit card applications that may be phishing scams or identity theft attempts
  • online shopping advertisements that may be phishing scams or identity theft attempts from bogus retailers
  • shipping notifications that may be phishing scams or may contain malware

We also encourage you to use caution when encountering these types of email messages and take the following preventative measures to protect yourself:

Phishing: Don’t Take the Bait

By Monica Lavin
Posted on 17 October 2014 | 10:39 am

Watch this video for a very simple explanation of phishing. Don’t take the bait. Be informed. Report suspicious activity. Learn more at http://www.dhs.gov/national-cyber-security-awareness-month-2014.

Date: January 25, 2014
Time: 5:00PM

Description: On Saturday, January 25, 2014 at 5:00PM, Information Technology will upgrade a critical component of the faculty and staff email system (CofC.edu). This upgrade will provide improved spam, virus, and phishing protection. There will be no disruption in service and no email will be lost during the upgrade. Additionally, your Outlook email rules will not be affected.

This spam filter upgrade will:

  • decrease the amount of spam and phishing emails that you receive;
  • allow faster intervention if an account becomes compromised;
  • allow on- and off-campus blocking of malicious phishing links and malware;
  • minimize system damage and reputation issues caused by compromised accounts.

Please be aware that after the upgrade on January 25th, you will notice a change in the spam digest reports that you will receive (see below for example). For the first 48 hours, you may receive a quarantined email summary (also known as spam digest reports) from two different senders: BWSadmin@cofc.edu and SpamDigest@cofc.edu. These senders are valid and should not be treated as a phishing attempt. Please carefully check the emails in your quarantined email summary and click Not Spam if any valid emails were accidentally quarantined. Unlike our old system, your actions will improve the new system’s accuracy over time. Since the new quarantined email summary will differ from your current report, please view the documentation at https://blogs.cofc.edu/it/files/2014/01/SpamDigest.pdf.

Additionally after the upgrade, you will notice a change in how links appear in your email messages received from outside our network.

Tooltip Example


All incoming links (URLs) will display a tooltip that shows the link as “URLdefense.Proofpoint.com”. If it is a legitimate link, it will resolve properly when clicked. If it is a bad link (such as a phishing website), you will be redirected to an informational campus webpage to protect your identity and your computer from hackers. In the example below, hovering over a link makes a tooltip appear. Normally this tooltip for the Yahoo link would show http://yahoo.com. With link protection, the URL will look like the example to the right.

Quarantined Email Summary Example: The old system’s quarantined email summary that you receive is from BWSadmin@cofc.edu. After the upgrade, you will receive quarantined email summaries from SpamDigest@cofc.edu. You will receive a quarantined email summary only if you receive spam. The system will automatically send you the summary at 6am daily. Using the quarantined email summary, you can view and release any valid emails. You can also click Safelist and the system will automatically add the sender to your safe senders list.

New System's Quarantined Email Summary

You can also view your quarantined email summary at http://quarantine.cofc.edu from on and off campus. You will be prompted to log in with your CofC username and password. Visit https://blogs.cofc.edu/it/files/2014/01/SpamDigest.pdf for further documentation.

If you have any questions, please contact the Helpdesk at 843-953-3375 or Helpdesk@cofc.edu.

Don’t fall for the phish trick

By Hannah Swanson
Posted on 17 November 2011 | 4:36 pm

The Oxford English Dictionary defines phishing as “Fraud perpetrated on the Internet; spec. the impersonation of reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers, online.”

Every day, thousands of email messages are sent to and from the College of Charleston. Unfortunately, some of these messages are phishing, sent in hopes that you will respond with your login, password, or other personal information. Phishers often use email as their preferred method of attack. The email will appear to have been sent from an authoritative source using a name like Helpdesk, Webmail Help Desk, Webmail Team, Webmaster, or CofC Webmaster. The trick to identifying phishing is not just in the sender’s name or email address, but in what the email asks you to do. The email will typically request that you send your username and/or password to the requestor by either replying to the email or visiting a website link included in the email. If you see any request for a username or password in an email, it is phishing. No department or unit at the College of Charleston will ever request your username and/or password by email or phone.

If you see any of the following phrases in an email, you have phishing.  Please delete the message.

  • You have exceeded the storage limit on your mailbox.  Please Copy/click the below link and fill the upgrade form.
  • This is to inform you that you have exceeded your email quota limit of 325MB and you need to increase your email quota limit because in  less than 48 hours your email will be disable.  To increase your email quota limit to 2.2GB, , you must reply to this email immediately and enter your account details below.
  • We regret to inform you that all PayPal Manager accounts are LOCKED.  Please download the file attached to this e-mail and follow the steps to re-activate it.

Help fight phishing by educating yourself to recognize these email scams and never responding to any request for your login and/or password by email or phone. Visit http://it.cofc.edu/security/phishing/ to learn more.

Phishing Attack- email delayed

By Monica Lavin
Posted on 2 November 2011 | 10:44 am

You may receive non-delivery email messages from a number of email providers, including Hotmail, AOL and Comcast. This is the result of a compromised email account that sent out thousands of spam messages. Because of this, we have been blocked by some mail systems as spammers. Most of these blocks will be removed within the next 24-48 hours—some may take longer. Each email provider has its own set of rules and delays to protect its users from spam. We use this same method to protect the College of Charleston Exchange users.

This compromised email account appears to be the result of a College employee responding to a phishing scam, providing their username and password to a criminal. The person most likely either clicked on a link in the phishing message that led to a web form or replied to an email asking for their login information. The IT Department at the College of Charleston will never ask you for your login and password by email. Any email message you receive asking for this information is a phishing attempt and should simply be deleted.

We will continue to monitor this issue and provide updates to the College community as they become available. We apologize for the inconvenience and thank you for your patience as we work to resolve this issue.  If you have any questions or concerns please contact the helpdesk at helpdesk@cofc.edu or 953-3375 opt #3.

October 2011 marks the eighth annual National Cyber Security Awareness Month sponsored by the Department of Homeland Security in cooperation with the National Cyber Security Alliance (NCSA) and the Multi-State Information Sharing and Analysis Center (MS-ISAC). The College of Charleston community is encouraged to learn more about cyber security and how to stay safe online from phishing attacks, fraud, and other malicious activities.

Learn more about

Phishing on the rise, don’t take the bait!

By Hannah Swanson
Posted on 27 September 2011 | 1:30 pm

College of Charleston students, faculty, and staff are frequently the target of phishing attacks which attempt to trick users into providing their login, password, ID number, PIN number, or other personal information. A phisher sends you an email that claims to be from a business or organization that you may deal with — for example, an Internet service provider (ISP), bank, online payment service, college or university, or even a government agency. The message may ask you to “update,” “validate,” or “confirm” your account information. Some phishing emails threaten a dire consequence if you don’t respond. The messages may ask you to respond by email or direct you to a website that looks just like a legitimate organization’s site. But it isn’t. It’s a bogus site whose sole purpose is to trick you into divulging your personal information so the phishers can steal your identity, run up bills, send spam, or commit crimes in your name.

Responding to a phishing scam not only puts you and protected information at risk, but also impacts the entire campus.  Phishers will log into your account using the credentials you provided to send more spam and phishing attempts.  These messages trigger email and internet providers (Comcast, Yahoo, Knology, etc.) to block email from the College.  It can take days before these service providers will allow email from the College again.

If you receive a phishing message, treat it like spam and delete it.

Learn more about identifying phishing and protecting yourself at http://it.cofc.edu/security/phishing
