Sunday, May 31, 2009

Don't go phishing

If anyone claiming to be your ISP or bank or credit card company or church or bookclub or any organization/club asks you to confirm your e-mail and other identifying information, don't do it. We at the osu dot edu domain have been phished lately. They are trying to steal our identity, so don't reply. The one I got looked "phishy" simply because the sentence construction and capitalization was so odd--I hoped we weren't employing such poorly trained staff at our OIT. But another librarian got a better one and checked; this is what she was told:
    A large number of Ohio State e-mail addresses have recently been recipients of phishing scam e-mails, asking for their password in order to prevent the account from being removed.

    These messages are a scam, and were NOT sent by the Office of Information Technology or anyone else within The Ohio State University. **Do NOT reply to this message**.

    Once again, these messages are a scam, and were NOT sent by the Office of Information Technology or anyone else within The Ohio State University. Do not reply. If you have already replied, go to our Account Management web site (https://acctmgt.service.ohio-state.edu) and change your password immediately.

    Our network security team is aware of this issue, and since it was sent they have been working with the other Internet Service Providers involved to ensure the situation gets dealt with as quickly as possible.

    For more information on Phishing, see:
    http://buckeyesecure.osu.edu/SafeComputing/IDTPhish

    Our network security team has already taken steps to disable this account and contact the user for further investigation. We apologize for any inconvenience this has caused.

    If you have any more questions or concerns, please feel free to contact us
    at 8help@osu.edu or by phone at (614) 688-Help (4357).

No comments: