Home

Phishing Attempt -- Verify Your Email

 

Reported on: August 31, 2009

Description: A phishing attempt has been reported supposedly from Hawaii Webmail Team.

Action: Please do NOT reply to the email. To prevent compromises:

  • NEVER send your password or other confidential personal information in response to email. No responsible entity requests information this way.
  • DO NOT REPLY to suspect mail. It just demonstrates that you're a live target.
  • Make sure you're up-to-date with all operating system updates.
  • Make sure you're up-to-date in any anti-virus and anti-spyware updates.
  • Don't save passwords to your email account on your system .

Sample Message:

---------- Forwarded message ----------
Date: Sat, 29 Aug 2009 08:37:29 -0400
From: HAWAII WEBMAIL TEAM <webupgrade@hawaii.edu>
Reply-To: webupgrade@rocketmail.com
To: undisclosed-recipients:  ;
Subject: Verify Your Email

Dear https://mail.hawaii.edu/ Webmail Subscriber,


This message is from https://mail.hawaii.edu/uwc/auth/
messaging center to all https://mail.hawaii.edu/
Account owners. On Saturday, August 29,2009, from 12:00 AM until 11:59
PM,all Mailbox systems will undergo regularly scheduled maintenance.

Access to your e-mail via the Webmail client will be unavailable for
sometime during this maintenance window. We are currently upgrading our 
data base and e-mail account center - see homepage. We are deleting all
https://mail.hawaii.edu/ email account to create more space for new accounts.

To complete your  Webmail account, you must reply to this email
immediately and enter your CORRECT

EMAIL ADDRESS:
PASSWORD:
RETYPE PASSWORD:
DATE OF BIRTH:


immediately for upgrading, Failure to do this will immediately render your
Email address deactivated from our database. Once we have updated your
account current records will be sent your Online Account and your service
will not be interrupted and will continue working as normal.

Thank you for using https://mail.hawaii.edu/

HAWAII WEBMAIL TEAM
Hawaii Internet Services

 

 

Background Information: There has been a recent rash of phishing scams targeted at UH/HCC email account holders. Phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from financial institutions, educational institutions or IT Administrators are commonly used to lure the unsuspecting. Phishing is typically carried out by e-mail or instant messaging.