SMS
RSS feeds
Reddit
Newsvine
Enlarge
There is something phishy going around campus.
Fraudulent emails that circulated last week addressing the “STANFORD Email Account Owner” proceeded to explain that the “Stanford Team” was upgrading its “email account center.” In block letters, the message asked students to confirm their email identities by responding with username, password, date of birth and country.
The sender’s address is “adminhelpdesk@stanford.edu,” but the reply-to email ends in “googlemail.com.” Another variant of the recent phishing scam was from “stanfordupgrade@live.com.”
Three Stanford accounts have already been compromised by the scam.
The Information Security Office (ISO) sent an email last week to members of the University community after students reported receiving fraudulent emails.
“These messages are used to trick the unwary into giving their account credentials to an anonymous attacker, who then takes over the account and uses it to launch other attacks,” the ISO wrote.
In an effort to combat the scam, Information Technology Services (ITS) blocked the incoming messages on Saturday, and has also blocked the scammers’ addresses at the central servers. However, ITS warned that the email addresses can change frequently, so the solution is not permanent.
Kimball Resident Computer Consultant (RCC) Mike Rodgers ‘08 said that scammers are not generally looking to gain access to Stanford accounts. They will often try to hack into a student’s bank account, assuming that the username and password are the same as those in the student’s school account.
“The Stanford [phishing email] is not well done,” Rodgers said. “I think what makes it compelling is not that it’s well-worded, but that it comes from Stanford.”
“If you look at the email, you’ll see something,” he added. “They throw in the term ‘Stanford,’ but it doesn’t actually end in stanford.edu.”
Some scams are not so hard to distinguish from legitimate emails.
A recent phishing scam from PayPal was “very cleanly worded,” according to Rodgers. By looking carefully at the URL, Rodgers determined that it was not legitimate. The URL and Web site may contain a domain name — like PayPal or Bank of America — but might have an extra string of letters and numbers on the end.
Not all students use Bank of America or Citibank, so the chances of students buying into those scams are fairly unlikely. The Stanford phishing email was of greater concern, however.
“Everyone has a Stanford account,” Rodgers said.
A genuine email from Stanford administrative services would not ask a student to verify information in an email. It is only by logging into WebAuth, Stanford’s Web Authentication service, that students can ensure that their identity will remain secure.