Don’t get phished!

As the spring semester starts, NC State email accounts are being targeted with advanced phishing attacks to steal your personal information (e.g., account names, passwords and banking and credit card information). These phishing attacks can be extremely damaging to you and the university.

Phishing attacks are typically associated with email, and most are implemented when someone clicks a link to malicious online content – often a webform designed to trick users into thinking they are entering information into a trusted website such as Facebook or PayPal. These attackers often will perform reconnaissance (via a simple Google search) on a specific target and then craft a sophisticated pretext to increase the likelihood of their success.

For several years now, email accounts at NC State have been targeted using advanced phishing attacks. Attackers have made perfect copies of just about every login page on any ncsu.edu website and then sent thousand of emails enticing campus users to visit them. These sites includes the MyPack Portal and the NC State Shibboleth and Google Docs login pages. Phishing emails sent to @ncsu.edu accounts have included a great deal of information about the university. They have referenced:

  • North Carolina State University
  • NC State logos, banners and template graphics
  • Shibboleth logins
  • OIT
  • Unity username
  • Names in the Campus Directory
  • Support@ncsu.edu or help@ncsu.edu
  • Google Apps for Education

Why is protecting your email account and password important? The ncsu.edu domain has been around a long time and, as such, is trusted on the Internet. An email message sent from your account is less likely to be tagged as spam, so it will get delivered to the target’s Inbox. Sustaining phishing and spamming operations seems to be the most common reason for phishing attacks.