Campus officials are urging students to be alert after two new phishing scams targeting the University of Wisconsin’s NetID login service were detected.
Spokesperson for the Department of Internet Technology Brian Rust said both of the scams are received in the form of an e-mail to WiscMail accounts asking for certain login information.
One of the phishing scams sends out an email asking users to click on a link to update their NetID and password, which directs them to an exact replica of the NetID login website, Rust said.
“This unsecure website looks exactly the same as the real NetID login site, but it has a different URL,” Rust said. “It is extremely difficult for the average person to recognize that this website is not legitimate.”
By typing in a NetID and password on this phony website, scam artists are able to gain access to this information and ultimately access accounts, he added.
According to Endpoint Security Specialist at DoIt Allen Monnette, DoIt has been able to identify about 460 emails received in WiscMail that were part of this particular phishing attempt, and approximately 16 of the 460 who received the e-mail responded with their NetID and password.
“This type of page spoofing in general is very common,” Monnette said. “This, however, is the first time we have seen someone spoof our NetID page.”
The other type of scam that is affecting WiscMail accounts is a “Trojan horse” scam, which sends phishing e-mails to accounts prompting users to access banking information or update their username and password on social networking sites, Rust said.
He said when a link in one of these e-mails is clicked, it enables a Trojan horse, a type of malicious software, to keep track of a computer’s keystrokes and send them to the source of the e-mail, allowing scam artists to access private information.
Rust added DoIt is currently taking steps to monitor and block these types of scams, while at the same time trying to remind people to be extremely cautious about these e-mails.
“By the time we’ve realized what these scammers are up to and have blocked their access to the source, they have already moved on and gained access to a different source,” Rust said. “It’s like a never ending process for us.”