News, Phishing, Security

PHISHING WALL OF SHAME – “Campus Police Security News Umb.Edu”

Don’t rely on the kindness of scammers!

We all owe a debt of gratitude to today’s scammer for all the clues he gave, warning us we were about to be hustled! However, you can’t rely on obvious signs to protect yourself. Today’s entry was forwarded to IT staff by numerous people on campus:

The email has a link in it. IT Staff were able to investigate this link in a secure way, and saw it directed to a form requesting the user enter their email username and password. Trained IT Staff opened the web page to take the picture below, however you should avoid clicking a link in a suspicious email because it could contain phishing attempts, malicious code, or illegal content, and could cause harm to your computer. Here is the page that these links led to:screenshot of phishing webpage with the umass logo, asking for username and password

Old UMass Boston logo with a specific spot highlighted, which does not exist on the current logo
“Pippy” was removed
from the logo in 2009.

Let’s list all the ways that this scammer showed us that they are trying to hustle us. The email text is confusing, the sender’s name doesn’t show up in our staff directory, the sender is using a non-umb.edu email address (probably a previous phishing victim), and the logo on the website is about 7 years out of date.

But what’s the number one way we can tell that this page is trying to hustle us? Let’s get a close up of that URL…screenshot of the scammer's url, goonthehustle******.usYes, the URL of this page actually has “Hustle” in the address!

All that being said, a point that this blog always tries to hammer home is “Never assume a scammer’s stupidity will adequately protect you from their malice.” (If I may adapt Hanlon’s razor…)

What this means is while many attacks are obvious fakes, it’s not hard for a scammer to make a perfect looking email and web page-you can’t depend on an incompetent scammer to keep yourself safe!

 

Today’s scammer did a poor job, but how could you be sure it’s a fake, even if the attack were a perfect forgery? Check the URL and the certificate!

To contrast, here is the url bar for the real UMass Boston webmail login. First you can see it says “umb.edu/”. But beyond that, we can tell the page has a security certificate from the green icon. If you click on this green icon, you get additional info about its validity.

screenshot of the real webmail login page with a green lock icon signifying a valid security certificate
Note, the certificate icon will look different depending on your browser and operating system. Do some research to find out what you should be seeing on yours.

If you are suspicious of a file, link, website, or email, you can contact the IT department to ask if it may be a scam. Forward a copy of a suspicious email to abuse@umb.edu.

Always remember…

Don’t take the bait! IT will NEVER ask you for your password. Phishing emails attempt to deceive​ you into giving up your private information by leading you to fraudulent websites. Learn more at:
http://www.umb.edu/it/getting_services/security/phishing/