An email targeting UNL email accounts with the purpose of stealing login credentials reached over 1100 individuals on campus, Thursday, July 30. UNL Information Technology Services responded quickly to the attack, blocking access to the fraudulent login website on the UNL network, issuing a takedown notice to the company hosting the site and sending a direct email to all UNL recipients. If anyone clicked on the email or entered their login credentials into the website, they should change their password immediately and contact the UNL Computer Help Center.
“This particular email looks on the surface, to be legitimate,” says Cheryl O’Dell, ITS senior information security analyst. “But if you hover over the link you can tell it goes to a fraudulent website. People need to know that no one at UNL will ask for your login and password.” To be sure of a website's authenticity, O’Dell adds, manually type in a web address instead of clicking an email link. Phishing emails remain a continuous security threat to universities, businesses as well as individuals.
Part of what makes phishing so difficult to combat, is that there is no easy way to detect phishing emails through automated filtering. “There are some web domains that are known to be phishing sites and can be blocked,” says Dave Spanel, ITS assistant director, infrastructure and operations. “This particular email was sent through a hacked account from another higher ed institution.”
The best defense to phishing is “user awareness,” adds O’Dell. “We’ve had many people forward phishing emails to the security team when something looks suspicious. Any suspicious emails can be forwarded as an email attachment to security@unl.edu
For more information on reported phishing emails at UNL, go to http://go.unl.edu/phishing
Contact the Computer Help Center at (402) 472-3970 or toll-free (866) 472-3970 or email mysupport@unl.edu
Written by Jon Wilson