North Carolina State University Hit By Phishing Attack

Written by Sue Walsh on July 21, 2009

North Carolina State University was hit by a phishing attack last week. 800 people received an email with the subject line “Mandatory Security Update: July 2009”. The message, which claimed to be from the IT Help Desk, directed them to click a link leading to the university’s email login page and enter their username and password. It was unique in that, instead of asking for the users’ information to be sent via email, it used a fake sign-in page.

        Doug Pearson, technical director of the Research and Education Networking Information Sharing and Analysis Center, said he had heard of a handful of similar attacks. Mr. Pearson recommended sharing information about attacks with others, using spam filtering, blocking IP addresses used by phishers, and monitoring for high volumes of mail sent from one person, which the university had done. The only other suggestion he had was for user education. “Users need to recognize the tricks of the trade,” he said.

When an IT security officer noticed the attack, he was able to change the link so that it redirected to a site informing visitors that the page was fake. He was also able to change the images on the fake site to say “THIS IS A PHISHING SITE!” This was possible because the scammers simply linked to images on the school’s real website.

Because of his quick action, only 5 people fell for the scam, and all were able to change their passwords before the scammers could do any harm.
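Because the fake page linked to images on the school's real website, each load of it left a request in the real site's web logs with a foreign Referer. The following is an added example, not from the article or the university: it scans access-log lines for login-page images requested from pages on other hosts. The combined log format, the `/login/img/` path, the `example.edu` domain and the sample lines are all assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlparse

# Assumed values (not from the article): own domain and login asset path.
OWN_DOMAIN = "example.edu"
LOGIN_ASSETS = ("/login/img/",)

# Apache/nginx "combined" format: ip, request line, status, size, referer, UA.
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<path>\S+) [^"]*" '
    r'\d{3} \S+ "(?P<referer>[^"]*)" "[^"]*"'
)

def is_own_host(host):
    # Exact match or true subdomain only, so a lookalike such as
    # "webmail.example.edu.login-update.test" is treated as foreign.
    host = host.lower().rstrip(".")
    return host == OWN_DOMAIN or host.endswith("." + OWN_DOMAIN)

def find_hotlinked_login_assets(lines):
    """Return {foreign referer host: {"assets": set, "clients": set}}."""
    hits = defaultdict(lambda: {"assets": set(), "clients": set()})
    for line in lines:
        m = LOG_RE.match(line)
        if not m or not m["path"].startswith(LOGIN_ASSETS):
            continue
        if m["referer"] in ("", "-"):
            continue  # header absent or stripped: no evidence either way
        host = urlparse(m["referer"]).hostname
        if host is None or is_own_host(host):
            continue
        hits[host]["assets"].add(m["path"])
        hits[host]["clients"].add(m["ip"])
    return dict(hits)

# Constructed sample log lines (documentation IP ranges, .test domains).
_FMT = ('{ip} - - [21/Jul/2009:09:00:00 -0400] "GET {path} HTTP/1.1" '
        '200 2048 "{ref}" "Mozilla/5.0"')
_PHISH = "http://webmail.example.edu.login-update.test/signin.html"
SAMPLE_LOG = [_FMT.format(ip=i, path=p, ref=r) for i, p, r in [
    ("192.0.2.10", "/login/img/logo.gif", "https://webmail.example.edu/login/"),
    ("198.51.100.7", "/login/img/logo.gif", _PHISH),
    ("203.0.113.44", "/login/img/banner.gif", _PHISH),
    ("203.0.113.44", "/index.html", "http://other.test/"),
    ("192.0.2.11", "/login/img/logo.gif", "-"),
]]

if __name__ == "__main__":
    for host, info in find_hotlinked_login_assets(SAMPLE_LOG).items():
        print(host, sorted(info["assets"]), len(info["clients"]), "clients")
```

The Referer header can be absent or forged, so a hit is a lead to investigate rather than proof, and the client addresses it lists are likely recipients who opened the fake page.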
