There are a number of e-mails arriving in student and personnel accounts that have malware/virus infected attachments, usually *disguised* as .html files.
The e-mails have subject lines like “UCount reward confirmation” and “Confirmation of epayment” and have .html attachments. After clicking the link on the webpage that appear, you will be sent to a fraudulent site, which looks just like the institution’s web site and you will be asked for various sensitive information. Although the Trojan attachment does not install anything into the system, it utilizes the “social engineering” technique to force users fill in their personal data on a fraudulent web site.
- Always beware when asked for private information.
- Do not click on links in e-mail and do not copy-paste them into your browser.
- Open a new browser window and type in the company’s correct address.
- Make sure such requests are genuine by, for example, calling a known company’s phone number.
- Do not send sensitive information by e-mail. Legitimate companies do not ask you to send important data by e-mail.
Be careful out there. The reason why scammers are so successful is because they catch people regularly!
[ARTICLE BY DAVID WILES]
