Computer Security Awareness Training

Late Thursday night, July 16th, an email message showed up in the boxes of over 800 people at North Carolina State University.

The subject was, “Mandatory Security Update: July 2009,” and the email claimed to be from the IT Help Desk. It claimed that in an effort to block spam, all e-mail users had to click a link to the university’s e-mail sign-in page and enter their user name and password.

Of course it was a hoax and the landing page was a site to collect user information. Fortunately, NC was able to stop the attack before any real damage could be done. They realized the phishers were copying the actual graphics from the school’s site and changed the graphics to read “THIS IS A PHISHING SITE. Do not enter your password.”

It is a good policy not to share your password information with anyone. The appropriate people will not need to ask you for it.

Subscribe to the CyberSecurity Training and Awareness blog to be the first to learn about future Cybersecurity News, and Security Awareness Training solutions.