Staff Email Security AlertPosted: August 31, 2012
ICTS has received a number of reports of another bogus email being sent to Griffith staff and students.
This email claims that your email address will be deactivated if you do not click on a link and enter a number of personal details.
The examples we have examined have all come from Brazilian email addresses (they end with “.br”) despite the name of the sender being “Griffith University”.
This is another example of an identity theft attempt (otherwise known as a targeted “phishing” email). Its authors want you to click on the provided web link and enter in personal information that they can use or sell for the purposes of identity theft.
The text of these bogus emails is similar to the following:
We are experiencing some serious technical problems with our servers. Therefore, we would be shutting down all unused and unverified accounts. So to avoid deactivation of your account, you will have to re-validate your e-mail address by clicking on the link below.
This is followed by the clickable link and then ends with a copyright message “© 2012 Griffith University.”
If you receive this message, please delete it without visiting the linked website. If you have visited the website, we advise you to virus scan your PC and also to change your Griffith password.
To change your Griffith password, click on the “Change Password” link on the lower right of the Griffith Single Sign-On page (you may need to log out of Griffith Portal to get to this page).
The security of your personal information and our systems is importance to us. If you have any queries about this or any other possible scams, please do not hesitate to contact and inform our security team at firstname.lastname@example.org.