Spear phishers target US students

By Shaun Nichols on Feb 5, 2008 9:58 AM
Filed under Messaging

A new spear phishing attack is targeting the email accounts of US university students.

Researchers at Sans Institute said that the attacks are disguised as messages from administrators performing a 'database update'.

The messages state that in order to keep their email accounts, the students must 'verify' the accounts by replying to the message with details such as user names, passwords and date of birth.

Researcher Mark Hofman wrote in the Internet Storm Center blog that the attacks are similar to those on European ISPs spotted earlier this year.

The attackers use email addresses with the name of the school, although the accounts are hosted by an external email service such as Hotmail.

Hofman noted that, because the attack targets individual students, few messages are sent and the emails will often slip past spam filters.

Administrators should be on the lookout for a large volume of incoming messages from the same address, as well as a large volume of messages with multiple recipients. Students should also be warned about the attacks.
Copyright ©v3.co.uk
Keywords
phishing phishing, attacks email, security email, scam spear
Related

What are your thoughts on this article? Add your comment below.

To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.

NOTE: You must be a registered member of SC Magazine to post a comment.

Click here to login | Click here to register
comments powered by Disqus
Sign up to receive SC Magazine email newsletters
   FOLLOW US...
Most Read