Recently, a number of University of Colorado employees learned they were victims of cyber theft after responding to a malicious e-mail and finding their pay had disappeared and was not deposited in their bank accounts. Below are a few crucial reminders for all of you.
The University of Colorado will never ask you to provide personal information such as usernames, passwords or Social Security numbers via e-mail. You should never send such information via e-mail.
The campus is being targeted by malicious phishing e-mails falsely claiming to be from the IT Support Centre. The e-mails urge campus account owners to reply and provide user IDs and passwords to avoid account deactivation. These e-mails are not authentic. If you receive one, do not reply or provide information. Delete the e-mail.
If you responded and sent information, please call IT Service Center during regular business hours at 303-735-4357 (5-HELP from a campus phone).
Following is a sample message:
Over the Labor Day weekend, the campus has been targeted by malicious phishing e-mails that appear to be attempts to gain user information by sending an email stating:
" Your Mailbox Has Exceeded The Storage Limit Set By The Administrator please CLICK HERE and fill in the bellow informatons [note incorrect spelling] To enable us to Re-validate Your E-mail Account. Note: Account owner who refuse to Re-validate His/Her account will loose [note incorrect spelling] account within 24 hours. System Administrator."
The campus has recently been targeted by a number of malicious e-mails that appear to be attempts to gain user information such as passwords and bank account information. One recent phishing e-mail was supposedly from Wells Fargo and another related to closing webmail accounts. Individuals who received these e-mails should simply delete the messages.
The campus has been targeted by a malicious e-mail that appears to be an attempt to gain usernames and passwords. Individuals who received an e-mail with the subject line "CULink Centre Request-Internet Support Verify Information (KMM1H4H85FD657L0KMM)" should simply delete the message.