IMMEDIATE ALERT: Phishing Attacks at NAU

Date Created: 11/15/2013 9:47:05 AM

Phishing on blue with hook 350


Once again, a massive phishing attack is seeking the gullible at NAU. This particular version, shown below, might seem pathetically inept, combining poor sentence construction, chaotic capitalization, comma-spliced sentences, and a ridiculous response email address. Yet despite the near self-parody of a bad phishing email, this one will nevertheless snag a few victims. Don't be one of them. See how many red flags you can spot:

Account Upgrade
Dear User, 
 
The school's webmail system is undergoing an Account Upgrade Process.You are hereby required to verify your Account by Providing your NAU Webmail UserID and Password in the underlying format,otherwise your account will be deactivated from the school webmail database within the next 72hours. 
 
UserID: 
password: 
 
NAU HELPDESK SERVICE. 
@education.org

Phishing refers to emails that use a fraudulent process of attempting to acquire sensitive information such as usernames, passwords or other secure information. These emails may be received from what looks like an official, trustworthy NAU account, but a little closer look and you can spot the fraud.

As a reminder, NAU will never request email account holders to enter username or password information on any web site that is not clearly an official NAU website. Your personal identification and financial information (such as student account or payroll) might be at risk if an attacker gains access to your NAU accounts. Additionally, unauthorized access to your accounts may allow attackers to gain access to other NAU confidential information and cause further harm.

Students with questions about the legitimacy of an email may contact the Student Technology Center at (928) 523-9294, and employees may contact the Solution Center at (928) 523-1511. Report any phishing email you receive by following the instructions on this website, Email Phishing.

Learn how to detect fraud at How to Spot a Phishing Scheme.