At least hundreds’ of UH faculty and students received a spam e-mail asking for private information prior to the Thanksgiving break.
‘It occurred the weekend before Thanksgiving (and) was contained in that weekend,’ UH IT Interim Executive Director Mary Dickerson said. ‘We received 20 reports through security about it, but more students received it than reported.’
These e-mails, better known as phishing scams, posed as e-mails from the University and requested that the recipient send private information such as usernames and passwords in reply.
‘Phishing e-mails are a common occurrence; (however), we don’t normally get this many reports,” Dickerson said.’ ‘This was a very widespread incident (in terms of) the number of students that received this e-mail.’
The false e-mail, sent via Google’s Gmail, partially reads: ‘University of Houston wish to inform you that we detected some problems in our Data Base due to Error Code 334409.’ The message also requested recipients to send their full names, countries of origin, UH e-mail addresses and passwords.
‘We did contact Google because the reply-to address was a Google mail address.’ Dickerson said.
Dickerson pointed out the suspicion of UH using a Gmail address to contact students.
‘If a UH administrator were going to contact you for something, it wouldn’t make any sense for it to be (through) Google,’ Dickerson said.
The University of Western Australia, which has been dealing with phishing scams since 2008, created a page on its Web site specifically to update students on the latest scams.
‘Our campus community receives phishing e-mails every day. Most people ignore them because the e-mails aren’t sophisticated or convincing,’ Dickerson said. ‘Other e-mail messages have been from banks asking to update records. We continually remind people that we do not ask for personal info over e-mail. If you simply don’t respond to it, you keep yourself safe.’
