UF Computing and Networking Services

IT Security Advisories

May 5th, 2008: E-mail Phishing Alert!

UF users should be aware and not respond to an e-mail with the subject "ufl.edu E-mail upgrade" claiming to need your username and password in order to keep your e-mail account active during a mail server upgrade. This e-mail is a scam targeting UF users in order to obtain your username and password. UF IT administrators will never ask you for your account password, especially in e-mail.

Here is the full text of the phishing e-mail message:

From: 	 webmaster@ufl.edu 
Subject: ufl.edu E-mail upgrade.
Date: 	 Mon, 5 May 2008 12:55:15
        
Dear ufl.edu Account Owner,

This message is from ufl.edu messaging center to all ufl.edu
email account owners. The Office of Information Technology is
in the process of migrating all ufl.edu email accounts to upgraded
central e-mail services.  We are deleting all unused ufl.edu email
accounts to create more spaces for new accounts.

To prevent your account from being closed, you will have to provide
the information below to update it so that we will be sure that
your account is still active presently.

CONFIRM YOUR EMAIL IDENTITY BELOW:

E-mail Username : .......... .....
E-mail Password : ................
Date of Birth : ................
Location : ................

Warning!!! Account owner that refuses to update his or her email
account within 30days of receiving this warning will lose his or
her email account permanently.

Thank you for using ufl.edu

Warning Code:VX2G99AAJ
Case ID is 1578207.

Kind Regards,
ufl.edu Webmaster.
Please accept our apologies for the inconvenience.

---

May 1st, 2008: E-mail Phishing Alert!

UF users should be aware and not respond to an e-mail with the subject "Attention subscriber!!!" claiming to need your username and password in response to a computer virus outbreak. This e-mail is a scam targeting UF users in order to obtain your username and password. Remember, UF IT administrators will never ask you for your account password, especially in e-mail.

Here is the full text of the phishing e-mail message:

From: UNIVERSITY OF FLORIDA 
Date: Thu, 1 May 2008 17:10:36
Subject: Attention subscriber!!!

Dear subscriber

Notification from UNIVERSITY OF FLORIDA EMAIL, We Notice that some of our
subscribers are introducing a virus into our NETWORK and it is affecting
our SYSTEM.For this simple reason,we advice that all subscribers of
UNIVERSITY OF FLORIDA EMAIL should provide us with the below information
so that we can prevent the ACCOUNT from the virus. Kindly note that
failure to provide this information will lead to their Email Account
termination within 48 hours.

Information Needed:
Full Name:
User Name:
Password:

Brown Walter
Customer Care Center.

---

January 15th, 2008: E-mail Scam Alert!

The UF community should be on alert for a fraudulent e-mail message (subject: "VERIFY YOUR UFL EMAIL ACCOUNT NOW") which is currently circulating on the Internet. This message is a 'phishing' scam -- an attempt to lure recipients into revealing personal information for the purpose of identity theft.

Please do NOT respond to the "VERIFY YOUR UFL EMAIL ACCOUNT NOW" message!

Any legitimate communication from UF regarding your account will include a telephone number you can call to verify the authenticity of the message.

And in any case, you should never share your UF/GatorLink password with ANYONE! Not your spouse/partner, children, best friend, Help-Desk tech-support person, nor ANYONE! EVER!

See the UF Security ID Theft and Other Internet Scams page for more information about protecting your identity.

---

Full text of the phishing scam e-mail.

From: UFLTEAM [mailto:uflteam@bellsouth.net] 
Sent: Monday, January 14, 2008 11:44 PM
Subject: VERIFY YOUR UFL EMAIL ACCOUNT NOW
 
VERIFY YOUR UFL EMAIL ACCOUNT NOW
Dear Ufl Email Account Owner,This message is from Ufl messaging center to all Ufl email
account owners. We are currently upgrading our data base and e-mail account
center. We are deleting all Ufl email account to create morespace for new accounts.
 
To prevent your account from closing you will have to update it below
so that we will know that it's a present used account.
 
CONFIRM YOUR EMAIL IDENTITY BELOW
 
Email Username : .......... .....
EMAIL Password : ................
Date of Birth : .................
Country or Territory : ..........
 
Warning!!! Account owner that refuses to update his or her account
within Seven days of receiving this warning will lose his or her account permanently.
 
Thank you for using Ufl.edu!
Warning Code:VX2G99AAJ
Thanks,
Ufl.edu Team
UFL.EDU BETA

---

Another version of the same fake e-mail looks like this:

From: "ACCOUNT VERIFICATION" <varification02@bellsouth.net>
To: "ACCOUNT VERIFICATION" <varification02@bellsouth.net>
Subject: UPGRADE YOUR  UFL.EDU WEBMAIL ACCOUNT

VERIFY YOUR UFL.EDU WEBMAIL ACCOUNT
This mail is to inform all our {UFL.EDU} users that we will be upgrading our site in a couple of days from now. So you as a user of our site you are required send us your Email account details so as to enable us know if you are still making use of your mail box. Further be informed that we will be deleting all mail account that is not functioning so as to create more space for new user. so you are to send us your mail account details which are as follows:
*User name:.........
*Password:..............
*Date of birth:................
*Security question:.............
*Security answer:......................
Any mail user that refuses to send his/her details with in the next two(2) da! y of re ceipt this mail, his/her mail account will be erased from the site.