All mun.ca email account holders are advised that a new
email aimed at stealing login names and passwords is circulating.
Offending messages examined thus far have all been of the form below;
as per previous phishing attacks however, minor variations in text
can be expected.
> From: PureMessage - Admin <firstname.lastname@example.org>
> To: Undisclosed Recipients
> Reply-to: email@example.com
> Subject: Email Support 03/09/2009
> Attention MUN E-Mail Account Holder,
> We are currently performing maintenance for our Digital Mail Account
> holders due to the rate of identity informations problems being
> encountered by our mail account holders. We discovered that our mail
> account owners have been receiving phishing emails from unknown
> personnels asking them to verify their e-mail account. And due to
> all these, we are upgrading our Digital Mail Security Server for
> better online services.
> In order to ensure you do not experience service interruption, please
> you must reply to this email immediately and enter your mun.ca email
> address here ( )and password here ( ) for security
> reasons and check out your new features and enhancements with your
> new and improved MUN webmail account. To enable us upgrade your
> Account for better online services please reply to this mail.
> Note that we request your username and password for identification
> purpose only and you will be sent a new confirmation/alphanumerical
> password so that it will only be valid during this period and can be
> changed after this process.
> MUN E-mail Technical Informations Department
> 2009 Memorial University of Newfoundland.
Clients are advised to not reply to or follow any links contained in
these messages. Account holders who have done either and fear they may
have divulged their username and password should change their password
immediately and contact the Computing and Communications' Help Centre
(x4595, firstname.lastname@example.org) for assistance.
Clients are reminded that Computing and Communications does not verify
or otherwise solicit client login credentials (username/password) through e-mail. Never reply to or follow links appearing in such messages, regardless of how legitimate they may appear. Clients should instead report all such emails to the Computing and Communications' Help Centre (x4595, email@example.com).