The University of St. Thomas was the victim of a very sophisticated and targeted "phishing" scam today. Phishing e-mails attempt to deceive the recipient into giving up private information in a response to a message or by leading the recipient to a fraudulent Web site.
The e-mail sent today included a link that looked like a legitimate St. Thomas Web address. When clicked on, that link led to a Web page that looked like a St. Thomas page and asked for username and password. Once a username and password was entered by a St. Thomas faculty, staff, or student, his or her e-mail account was compromised and a new round of phishing e-mails was sent from a St. Thomas e-mail address.
This is an example of the phishing e-mail:
Attention Member,
Please click on below link to update your Email account.
webapp.stthomas.edu/ustportal/index
University of St. Thomas
Information Resources and Technologies (IRT) at St. Thomas blocked access to the Web link from on campus and disabled all compromised accounts. If you are off campus, you are still able to access the link and should make sure that you do not click on it and provide your username and password. The content within the link is housed on a server in Australia. IRT has contacted the company that manages the server and asked that they remove the link.
Phishers are growing more clever all the time. They troll Web sites and copy them to make their e-mails and Web sites look legitimate. Please be very careful about clicking on links in e-mail messages and remember that IRT and St. Thomas will never ask for your username and password via e-mail.
If you have any question about the legitimacy of an e-mail, contact the IRT Tech Desk at (651) 962-6230.
