PHISHING ALERT: uTech Warns WIU Community of Phishing Scam

phishing_screenshotOn July 12, 2016, many members of Western Illinois University received a phishing email scam. Phishing is defined on dictionary.com as the following: to try to obtain financial or other confidential information from Internet users, typically by sending an email that looks as if it is from a legitimate organization, usually a financial institution, but contains a link to a fake website that replicates the real one. That is exactly what happened here. The email that is under investigation was published in an article by uTech. They removed the malicious links and bogus email addresses. The email in question said the following:

Your email account Has Been Dictated the one of the account in our data base que needs to be re-validate for maintenance and virus scanning.Your account is running at low speed storage of 32GB. Please click on the link below to re-validate your account for the new storage speed of 64GB Very Important. 
Enter here: [link removed]
Mail your account will be permanently terminated in a short time for failure to adhere to our urgent notice.
Thank you for your cooperation.
Western Illinois University Management Support
© 2016 Webmail admin All Rights Reserved.
uTech has instructed everyone who received the email to do the following:
  1. Report it as phishing within Gmail. (Click this section to report the website or any website in question of phishing)
  2. Delete it.
  3. Do not reply to it.
  4. Do not click on any links within the email

The image below is what the phishing website looked like. There were many obvious signs that this website was a fake WIU Sign On page. The address didn’t match the http://auth.wiu.edu/. There was an obvious typo and the WIU logo was displayed incorrectly.

phishing_screenshot

Photo Credit: University Technology

 

 

 

 

 

 

Photo Credit: University Technology

Photo Credit: University Technology

In addition to the article being published, an email went out to the University Community informing them of the scam.

Again, if you received this email, please delete it and do not go to the link. If you were a victim of this scam, please go to GUAVA at www.wiu.edu/guava and reset your password immediately. If you have any questions or need help resetting your account, contact uTech as soon as possible at (309)-298-2704 or you can visit this link http://www.wiu.edu/university_technology/support/index.php for other ways of receiving support. uTech also published some tips in their article with regards on how to recognize Phishing Emails. You can find those tips at http://www.wiu.edu/university_technology/announcements/phishing_example.php