Information Technology Services

Scam and Hoax Emails

Some fraudulent attempts to get money from people have been operating for years using standard postal services. They are now even more commonly sent as emails. The most frequently seen is the Nigerian Scam and its offshoots; a growing problem is the "Bank detail confirmation" scam. These are well known to the authorities, who are not interested in every individual mail message received, so please don't report these. But do be careful!

Hoaxes are warnings of non-existent viruses, but they can still be disruptive as they persuade people to forward the messages to many others, or sometimes to delete files from their computers. They may also increase the distress and distrust in users.

There is a useful list of real and hoax viruses on the Snopes website. Alternatively, try the site of one of the antivirus software providers, which keep full databases of known viruses and hoaxes. An example is Symantec. But users should be aware that there is always a delay between new viruses appearing and information appearing on these pages, so any unusual email should be treated with suspicion.

UWA Phishing Scams

UWA has been receiving a large number of scam emails, claiming to come from UWA IT departments, requesting that users confirm their email addresses by replying to the emails with their email usernames and passwords. These emails are known as 'phishing' scams, and originate from spammers outside of the University. These emails are fake, and should be ignored. Replying to any of these emails may result in your account being hijacked by spammers, to send more spam emails out. UWA will never ask you to send your password in an unsolicited email.

An example of one of the phishing scams is:

Subject: UPGRADE YOUR uwa.edu.au EMAIL ACCONT NOW!
From: The University of Western Australia Email Service <helpdesk@uwa.edu.au>
Reply-To: Email.Upgrade@Grad.com

Text of message:

    Dear Valued Customer,
    
    This message is from uwa.edu.au messaging center to all uwa.edu.au email account
    owners. We are currently upgrading our data base and e-mail account center. We 
    are deleting all uwa.edu.au email account to create morespace for new accounts. 
    
    To prevent your account from closing you will have to update it below so that we
    will know that it's an existing and presently used account.
     
    CONFIRM YOUR EMAIL IDENTITY BELOW:
     
    Your Name : 
    Contact Address:
    Email Username : 
    EmailPassword : 
    Phone Number:
    
    Warning!!! Any Account owner that refuses to update his/her email account within
    Seven days of receiving this warning will lose his/her account permanently.
    
    
    Once again sorry for the inconviniencies but is for your own protection.
    
    Thank you for using uwa.edu.au!
    Warning Code:VX2G99AAJ
    Thanks,
    WEB TEAM LEADER

Note the faked 'From' address to make it look legitimate, and the non-UWA 'reply-to' address to which any replies are actually sent. This is a common theme across all the phishing scams, although the actual addresses and message body are different across the different phishing scams.
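The From/Reply-To mismatch described above can be checked mechanically. The following Python sketch is an added example, not ITS code; the function names are hypothetical, and the sample message is built from the headers and body fields shown above.

```python
from email import message_from_string
from email.utils import parseaddr

# Sample message assembled from the headers and form fields quoted on this page.
SAMPLE = """\
Subject: UPGRADE YOUR uwa.edu.au EMAIL ACCONT NOW!
From: The University of Western Australia Email Service <helpdesk@uwa.edu.au>
Reply-To: Email.Upgrade@Grad.com

CONFIRM YOUR EMAIL IDENTITY BELOW:

Email Username :
EmailPassword :
"""

def domain_of(header_value):
    """Return the lower-cased domain of the address in a header, or ''."""
    _, addr = parseaddr(header_value or "")
    if "@" not in addr:
        return ""
    return addr.rpartition("@")[2].lower()

def same_org(a, b):
    """True if the domains are equal or one is a subdomain of the other."""
    return a == b or a.endswith("." + b) or b.endswith("." + a)

def phishing_signs(raw):
    """List the warning signs from this page that are present in a raw message."""
    msg = message_from_string(raw)
    signs = []
    from_dom = domain_of(msg["From"])
    reply_dom = domain_of(msg["Reply-To"])
    # Replies go to Reply-To, so a foreign domain there is where answers really land.
    if from_dom and reply_dom and not same_org(from_dom, reply_dom):
        signs.append(f"Reply-To domain {reply_dom} differs from From domain {from_dom}")
    # Ignore spacing so "EmailPassword :" and "Email Password:" both match.
    body = str(msg.get_payload())
    if "password" in body.lower().replace(" ", ""):
        signs.append("body asks for a password")
    return signs

if __name__ == "__main__":
    for sign in phishing_signs(SAMPLE):
        print("WARNING:", sign)
```

A message that passes this check is not thereby legitimate, because the 'From' address itself can be faked.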

ITS maintains a Status & Notices website, which is kept updated with details of all new phishing scams as our IT Security staff are made aware of them. If you do receive one of these scam emails and are unsure of its authenticity, please compare it against the scams recorded on the Status & Notices website, or contact your local IT support staff. Please do not reply to the phishing emails, even to ask if they are authentic, as this confirms your email address to the spammers as being an active address, possibly resulting in an increase in spam sent to your account. If you have replied to one of these messages, please change your account password as soon as possible, to prevent your account becoming compromised.

Nigerian Scams

There has been a rapid growth in "people asking you to send them money, in order that they can get more money out of their country" emails (originally the country involved was Nigeria). This is basically a scam to get you to send them money; you won't receive anything back. These messages are so common that it is best to just delete and ignore them.

Bank Account Scams

Recently there has been a wave of "bank account" details scams. An official-looking email arrives telling you to click on a link to update or confirm your bank account details (the reason given is often security). Never trust an email that comes to you unannounced from your bank requesting you to log onto a website. It is very easy to disguise where a link in an email takes you.

www.commonwealthbank.com.au

looks like it should take you to the Commonwealth Bank site, but may actually take you to

http://badguys.steal.money.somewhere/

If you think a message may be legitimate, always type the address of the company in manually yourself. Don't rely on copying and pasting the link from the email, as this may retain the underlying link.

Sending Spam

Messages warning you that you are sending out spam should be treated with caution, as there are a number of fake emails in circulation. Signs that the email is not legitimate are:

  • Poor grammar or spelling (not a definitive sign as Support staff are fallible).
  • If it asks you to follow instructions contained in an attachment. ITS support will never send instructions attached to an email unless explicitly requested by a user. Wherever possible we will include instructions in the plain text of the message, or point you to a web page or downloadable file online.

If you are unsure of the legitimacy of an email, forward the email and your question to the ITS Service Desk.

Fake Virus Emails

The panic caused by computer viruses has also led to "hoax" virus messages. These typically claim that a file on your computer has a virus, and that you should search for this file and delete it. These can be important system files, and deleting them can result in anything from no noticeable change to completely breaking your computer. Always check with your section's IT staff if you think you may have a virus.