Do not respond to these messages or click on any embedded links.  Please forward these messages as an Outlook attachment to abuse@purduecal.edu.

Purdue University, other organizations or businesses will never ask you for sensitive or protected information via E-Mail.

If you have any questions or concerns or you feel your computer was contaminated by malware, please E-Mail the Customer Service Center at csc@purduecal.edu or you can call them at extension 2888 option 2.

—–Original Phishing Message—–

From: noreply@purdue.edu [mailto:noreply@purdue.edu]

Sent: Tuesday, February 19, 2013 6:35 AM

Subject: Email Box Security Alert…

Purdue User,

This is to notify you that an unauthorized IP address 845.173.12.1 has been detected by our web admin login into your Email box.  You are requested to verify and upgrade your Email account manually for our new online security service by login into your Email account with the below link. You need to verify your Email User name and Password to secure your mailbox.

http://webmailadmin-login.voici.org/

Thank You

purdue.edu Admin

—–End of Message—–

Purdue Calumet, other organizations or businesses will never ask you for your password or other sensitive and protected information via E-Mail.  Please be careful when you click.

If you have any questions or concerns please contact the Customer Service Center via E-Mail at csc@purduecal.edu or via phone at extension 2888 option 2.

From: William P McLauchlan [mailto:mclauchl@purdue.edu]
Sent: Friday, November 02, 2012 3:42 PM
To: mclauchl@purdue.edu
Subject: Info.

Dear Email User,

This to inform you that you have almost exceeded your mailbox size in our database. You have used 19.2GB out of your allocated 20.5Gb. You will be unable to send/receive mails as soon as you reach your mailbox limit. Please delete your sent items and empty your deleted items (thrash) to free up some space in your mail box, you are also required to upgrade to our new 25GB Webmail. Click UPGRADE NOW below to automatically upgrade your mailbox.

UPGRADENOW

This will automatically reset/upgrade your mailbox size into the new 25GB faster and better webmail system.

You will be notified as soon as upgrade is completed.

Thanks for your co-operation.

William P. McLauchlan.

Microsoft Exchange Zimbra Server.

***********************************************************************************************

Do not reply to this email, click on the link to automatically upgrade your mailbox.

***********************************************************************************************

The bugs are in Java 7 also known as version 1.7 and affect Windows, Mac OS X and Linux operating systems running a Web browser with a Java plugin enabled.

Researchers are advising computer owners to disable Java in all browsers.  That would be the only solution, right now.  The flaws allow a remote attacker to execute code via a Java applet launched by a victim clicking on a link on a hacker’s website or on a hijacked site. The applet can run with the same permissions that the user would normally have.  It can do anything that you can do with your computer. It can upload documents, install keyloggers and backdoors, basically anything.

Information Services manages the Java version levels for all University owned computers.  We are currently running Java Version 6 (1.6) on University owned computers.  Please do not update your Java version.  Updating your Java version could cause other critical applications on University owned computers to stop working because of compatibility issues.  We are checking computers via inventory systems to detect if any University owned computer is running Java version 7 (1.7).

Please take time to check your personal computers at home.

If your University owned computer is running Java Version 7 (1.7) or if you suspect your University owned computer may have a virus, please contact the Customer Service Center ASAP via E-Mail csc@purduecal.edu or you can call them at extension 2888 Option 2.

a) Staff_Changes(purdue).zip, or similar
b) Any_Staff_Changes_About_Purdue_University.exe or similar
c) Leveraging_Ethernet_Card_Vulnerabilities_in_Field_Devices.pdf or similar

If you receive e-mails with or without attachments from unknown sources or you receive information you did not request in the form of an attachment, do not open these attachments or click on any links embedded in the e-mail.

If you receive one of these e-mails or other suspicious E-Mails, please forward them to abuse@purduecal.edu as an Outlook Item attachment.

Purdue University, other organizations or businesses will never ask you for your password and/or sensitive and protected information via e-mail.  Please be careful where you click.

If you have any questions or concerns please e-mail the Customer Service Center at csc@purduecal.edu , or you can call them at extension 2888 option 2.

You can reach the Customer Service Center by sending them an e-mail at csc@purduecal.edu or you can call them at extension 2888 option 2.

Purdue University, other organizations or businesses will never ask you for passwords, sensitive or protected information via e-mail.  Please be careful where you click.

Please report IT security issues, spam or phishing attempts to abuse@purduecal.edu

Purdue Calumet, other organizations or businesses will never ask you for your password or other sensitive and protected information via E-Mail.  Please be careful when you click.

This is not from anyone at Purdue University Calumet and you should delete it.  The message is designed to steal your login and password.

For more detailed information on these types of email messages please refer to safe e-mail practices.

Thank you for helping to keep our email safe and secure.

How does this happen?

• Phishers tend to rely on the fear factor and try to create a sense of urgency when sending these emails.
• In most cases, they communicate the need for immediate action on the part of the user or essential services, such as the use of email, will be cut off.  They are betting that by creating that small bit of panic in the back of your mind that you will not look as closely at the email as you normally would and somewhat blindly do what the email tells you.

How can you help?

• First of all, Purdue Calumet uses Microsoft Outlook for employee email services.  Notification of ′running out of space′ messages is done from within Microsoft Outlook and the clearing of space is performed by each individual user by either archiving or deletion.  By the nature of this method, you will never see a message from anyone at Purdue asking for action on your part to prevent your account from being disabled.
• Second, Purdue Calumet does not now and never has had any form of WEB-MAIL.  The only way to access Purdue Calumet email using the web is to use the Outlook Web Access Client.  This is a web based client and not web mail.
• Third, be sure to carefully read messages before responding to them.  Make sure that any link in an email goes to where it is intended to go and if in doubt, don’t click it.  In the last phishing attack, there were no references to purduecal.edu or purdue.edu anywhere in the email yet people responded and willingly gave their credentials.
• Fourth, if a link looks legitimate, place your mouse pointer over the link, the link information will appear in a small box.  Make sure it matches and goes to where you intend.
• Lastly, regardless of the situation, no one at Purdue will ever ask for your password whether it be via email, on the phone, or in person.  Anyone that asks for your password should be reported to the Office of the Vice Chancellor for Information Services.

If you have any questions please contact James R. Pardonek, Assistant Director for Information Security and Assurance, at (219)989-2745 or e-mail pardonjr@purduecal.edu.

This email is being used as an attempt to obtain your login and password credentials for the purpose of using your email address to propagate more of these types of messages to others.

This email is not from anyone at Purdue Calumet and you should not click on any of the links in the message.  Purdue Calumet does not use any form for WEB-MAIL.

Purdue University Calumet Information Services will never ask for your password.

Please delete the email.

If you have any questions please contact James R. Pardonek, Assistant Director for Information Security and Assurance, at (219)989-2745 or e-mail pardonjr@purduecal.edu.

This email is being used as an attempt to obtain your login and password credentials for the purpose of using your email address to propagate more of these types of messages to others.

This email is not from anyone at Purdue Calumet and you should not click on any of the links in the message.

Please delete the email.

If you have any questions please contact James R. Pardonek, Assistant Director for Information Security and Assurance, at (219)989-2745 or e-mail pardonjr@purduecal.edu.