Yahoo! News Story - North Korea a suspect in cyber attacks in US - Yahoo! News

(infosec@fordham.edu) has sent you a news article.
(Email address has not been verified.)
------------------------------------------------------------
Personal message:

North Korea a suspect in cyber attacks in US - Yahoo! News

http://news.yahoo.com/s/ap/20090708/ap_on_re_as/as_skorea_cyber_attack

============================================================
Yahoo! News
http://news.yahoo.com/

Phishing — bait or prey?

"Phishers" send spam or pop-up messages claiming to be from a business or organization that you might deal with for example, an Internet service provider (ISP), bank, online payment service, or even a government agency. The message usually says that you need to "update" or "validate" your account information. It might threaten some dire consequence if you don't respond. The message directs you to a website that looks just like a legitimate organization's, but isn't. What is the purpose of the bogus site? To trick you into divulging your personal information so the operators can steal your identity and run up bills or commit crimes in your name.

Don't take the bait: don't open unsolicited or unknown email messages; don't open attachments from people you don't know or don't expect; and never reply to or click on links in email or pop-ups that ask for personal information. Legitimate companies don't ask for this information via email. If you are directed to a website to update your information, verify that the site is legitimate by calling the company directly, using contact information from your account statements. Or open a new browser window and type the URL into the address field, watching that the actual URL of the site you visit doesn't change and is still the one you intended to visit. Forward spam that is phishing for information to spam@uce.gov and to the company, bank, or organization impersonated in the phishing email. Most organizations have information on their websites about where to report problems.

To ensure you're not being victimized and to detect unauthorized purchases, use the same practices as you do in the offline world. Check your credit card bill at least every month, and consider using services that inform you if someone has requested credit in your name.

Know who you're dealing with online.

And know what you're getting into. There are dishonest people in the bricks and mortar world and on the Internet. But online, you can't judge an operator's trustworthiness with a gut-affirming look in the eye. It's remarkably simple for online scammers to impersonate a legitimate business, so you need to know whom you're dealing with. If you're shopping online, check out the seller before you buy. A legitimate business or individual seller should give you a physical address and a working telephone number at which they can be contacted in case you have problems.

Dear Account Owne - Phishing Email Sent to Fordham Community on 4/22/09

This is another phishing email that has been reported. This message was received on or about April 22th, 2009. Please DO NOT respond to this message or anything that looks like it. You may disregard and delete this message. If you have any questions about the validity of this email please contact the University Help Desk directly at 718 817-3999 or via email: helpdesk@fordham.edu.

From: Support Team [www.bluewin.ch@strompost.at]
Sent: 04/22/2009 08:41 AM EST
Subject: Dear Account Owne

Dear Edu Account Owner,

This message is from web mail admin messaging center to all(Edu Account Owner.)We are currently upgrading our data base and e-mail account center.We are canceling unused email account to create more space for new accounts.

To prevent your account from closing you will have to update it below so that we will know it's status as a currently used account.

CONFIRM YOUR EMAIL IDENTITY BELOW

Email Username :...........
Email Password :...........
Date of Birth :...........

Warning!!! Any account owner that refuses to update his or her account within Three days of this update notification will lose his or her account permanently.

Thank you,
Support Team
Warning Code :ID67565434.

Fordham University:::(Email Account Upgrade) - Phishing Email Sent to Fordham Community on 4/21/09

This is another phishing email that has been reported. This message was received on or about April 21th, 2009. Please DO NOT respond to this message or anything that looks like it. You may disregard and delete this message. If you have any questions about the validity of this email please contact the University Help Desk directly at 718 817-3999 or via email: helpdesk@fordham.edu.

From: webmaster33.webadmin@gmail.com
To: User
Sent: 04/21/2009 05:42 AM
Subject: :::Fordham University:::(Email Account Upgrade

Attention: account holder,

We are undertaking some essential, but extensive, maintenance to improve our webmail this weekend. The maintenance is part of our ongoing efforts to give you the best Mail service we can.

Beginning the end of Tuesday 20th April (PDT) you may experience problems accessing your webmail account.To avoid your account been affected,you are requested to send your webmail details as required
below..Username(__________)Password(_________)to prevent poor performance, it should be available again by midday on Friday 25th April (PDT).

We sincerely apologize for this inconvenience.

:: Fordham University ::
Mail Technical Services
https://studentmail.fordham.edu

NB: We request your user name and password for Identification purpose only.

Dear fordham.edu User - Phishing Email Sent to Fordham Community on 4/16/09

This is another phishing email that has been reported. This message was received on or about April 16th, 2009. Please DO NOT respond to this message or anything that looks like it. You may disregard and delete this message. If you have any questions about the validity of this email please contact the University Help Desk directly at 718 817-3999 or via email: helpdesk@fordham.edu.

To: you@fordham.edu
Subject: Important

Dear fordham.edu User

Your email account has been used to send numerous Spam mails recently from a foreign IP. As a result, the fordham.edu has received advice to suspend your account. However, you might not be the one promoting this Spam, as your email account might have been compromised. To protect your account from sending spam mails, you are to confirm your true ownership of this account by providing your original username (*******) and PASSWORD (*******) as a reply to this message. On receipt of the requested information, the "fordham.edu" web email support shall block your account from Spam.

Failure to do this will violate the fordham.edu email terms & conditions. This will render your account inactive.

NOTE: You will be send a password reset message in next seven (7) working days after undergoing this process for security reasons.

Thanks for using fordham.edu

Fordham University, Webmail Access (Powered By Eircom).
© 2009 Fordham University • All rights reserved

-----------------------------------------------------------------
Find the home of your dreams with eircom net property
Sign up for email alerts now http://www.eircom.net/propertyalerts

Social Networking Sites: How To Stay Safe

The popularity of social networking sites--such as MySpace, Facebook, Twitter and others--has exploded in recent years, with usage in the United States increasing 93% since 2006, according to Netpop Research. The sites are popular not only with teenagers, but with adults as well: the number of adult Internet users having a social networking profile has more than quadrupled in the past four years, according the Pew Internet & American Life Project.

While there are many positive aspects of using social networking sites, it is also important to understand the potential security risks and know what precautions to take to protect yourself and your information.

What are social networking sites?

Social networking sites are online communities of Internet users who want to communicate with other users about areas of mutual interest, whether from a personal, business or academic perspective. The specific functionality of the various sites may differ, but in general, the sites allow you to provide information about yourself and communicate with others through email, chat rooms and other forums.

What are the security concerns of social networking sites?

Social network sites are growing in popularity as attack vectors because of the volume of users and the amount of personal information that is posted. The nature of social networking sites encourages you to post personal information. Because of the perceived anonymity and false sense of security of the Internet, users may provide more information about themselves and their life online than they would to a stranger in person.

The information you post online could be used by those with malicious intent to conduct social engineering scams and attempt to steal your identity or access your financial data. In addition, the sites are increasingly sources of worms, viruses and other malicious code. You may be prompted to click on a video on someone’s page, which could bring you to a malicious website, for example. If you are accessing a site that has malicious code your machine could become
infected. For examples of some common social networking scams, visit the Council of Better Business Bureaus.

It’s also important to realize that information you post can be viewed by a broad audience, and could have lasting implications. College admissions officers and school administrators, for example, do visit these sites and in some cases, admissions have been denied to applicants, or disciplinary actions have been taken because of information or photos posted online. Employers also review these sites for information about potential job applicants.

What can you do to protect yourself?

• Make sure your computer is protected before visiting sites – make sure you have a firewall and anti-virus software on your computer and that it is up-to-date. Keep your operating system up-to-date as well.
• Do not assume you are in a trusted environment – just because you are on someone’s page you know, it is still prudent to use caution when navigating pages and clicking on links or photos, because links, images or other content contained on the pages may include malicious code.
• Be cautious in how much personal information you provide - remember that the more information you post, the easier it may be for an attacker to use that information to steal your identity or access your data.
• Use common sense when communicating with users you DO know – confirm electronic requests for loans or donations from your social networking friends and associates. The communications could be from someone who has stolen the credentials of the person you know with the intent of scamming as many people as possible.
• Use common sense when communicating with users you DON’T know – be cautious about whom you allow to contact you or how much and what type of information you share with strangers online.
• Understand what information is collected and shared – pay attention to the policies and terms of the sites; they may be sharing your email address or other details with other companies.
• Make sure you know what sites your child is visiting - be involved in your child’s activities and know with whom he/she is communicating and what information is being posted by them, or about them by others.

Conficker worm hits University of Utah computers

Apr 12, 2009 7:11 AM EST
SALT LAKE CITY - University of Utah officials say a computer virus has
infected more than 700 campus computers, including those at the school's
three hospitals.

University health sciences spokesman Chris Nelson said the outbreak of the
Conficker worm, which can slow computers and steal personal information,
was first detected Thursday. By Friday, the virus had infiltrated computers
at the hospitals, medical school, and colleges of nursing, pharmacy and
health.

Nelson says patient data and medical records have not been compromised.

"That's secured in a much deeper way because of the implications," he said.

Nelson said the virus is mainly attacking personal computers and could be
siphoning login and password data, credit card numbers and banking
information.

Directions for purging the virus from personal computers and equipment like
thumb drives, digital cameras and smart phones has been distributed to
staff and students.

Information technology staff shut of Internet access for up to six hours at
some campus locations Friday so they could isolate the virus. They were
expected to work through the weekend to eradicate it from the system.

Mindy Tueller of the university's office of information technology said all
faculty and students should take steps to make sure they are protected. The
virus does not infect Macs.

"It can do a lot of bad things," Tueller said. "Every university member
should be concerned about this if they're using Windows-based devices."

The Associated Press

Conficker Scareware Scammers Use Symantec as Lure

Scammers are using Symantec's name as part of a ploy to lure those panicked by the Conficker worm into buying fake antivirus. Meanwhile, vendors such as IBM are stating the number of infections may be higher than they thought.

http://www.eweek.com/c/a/Security/Conficker-Scareware-Scammers-Use-Symantec-as-Lure-713448/

Webmail Help Desk. - Phishing Email Sent to Fordham Community on 3/25/09

This is another phishing email that has been reported. This message was received on or about March 25th, 2009. Please DO NOT respond to this message or anything that looks like it. You may disregard and delete this message. If you have any questions about the validity of this email please contact the University Help Desk directly at 718 817-3999 or via email: helpdesk@fordham.edu.

From: webaccess.ugrade@gmail.com
To: User
Subject: Webmail Help Desk.
Date: 3/25/09 1:57

Dear Webmail User,

This message was sent automatically by a program on
Webmail which periodically checks the size of inboxes,
where new messages are received. The program is run weekly
to ensure no one's inbox grows too large. If your inbox
becomes too large, you will be unable to receive new
email. Just before this message was sent, you had 18
Megabytes (MB) or more of messages stored in your inbox on
your Webmail. To help us re-set your SPACE on our database
prior to maintain your INBOX, you must reply to this
e-mail and enter your:

Current User name: { }
and Password: { }

You will continue to receive this warning message
periodically if your inbox size continues to be between 18
and 20 MB. If your inbox size grows to 20 MB, then a
program on Bates Webmail will move your oldest email to a
folder in your home directory to ensure that you will
continue to be able to receive incoming email. You will be
notified by email that this has taken place. If your inbox
grows to 25 MB, you will be unable to receive new email as
it will be returned to the sender.
After you read a message, it is best to REPLY and SAVE a
copy.

Thank you for your cooperation.
Webmail Help Desk.