Computer Security at UB

Current Security Alerts Page


Subject: UPDATE YOUR ACCOUNT DETAILS !!! - June 27, 2008

This scam purports to be from UB's webmail administrators and attempts to convince users to reply to the message, providing usernames and passwords to their UB webmail accounts, as well as their birth year.

Do NOT reply to this message, and NEVER provide your password in the body of an email message. UB system administrators will NEVER ask for UB IT account information or any other personal information to be updated and sent to them in this way. The text of this phishing scam follows:

From: University at Buffalo (The State University of New York)
[mailto:customerservice@buffalo.edu]
Sent: Friday, June 27, 2008 12:46 PM
To: undisclosed-recipients:
Subject: UPDATE YOUR ACCOUNT DETAILS !!!

[University At Buffalo Web Banner displayed] 


Dear Webmail Account Owners,

This mail is from the school's web administration message centre to all
webmail account users. We are currently upgrading our data base and e-mail
account centre. We are cancelling unused and inactive webmail account to
provide more space for new accounts.

To prove your account is active and functional,you have to update it with
only the below details by filling each of the colon boxes;

     UBITName: 
     Password:
    Birth Year:

Warning!!!  Any account owner that failed to update his or her account
within three (3) days of this update notification,will loose his or her
webmail account permanently.

Thanks for using our webmail service,
Support Team.
Warning Code: ID67565432

IRS Rebate Phishing Scam - April 24, 2008

This scam is related to the IRS economic stimulus rebate and attempts to convince users to follow a link to a fraudulent web site where they are asked to provide bank account information in order to expedite the rebate process.

Do NOT click on the link and NEVER provide bank account or other personal information in response to an email message "phishing" for this type of information. Scam artists send email that is seemingly from a reputable credit card company, financial institution, or other organization, such as the IRS, that requests account information. When the info is supplied, the scam artists can gain access to the accounts. Reputable organizations will not send email messages to you requesting personal information.

If you believe you may have revealed sensitive info, such as a bank account number, report this to your financial institution immediately and close any accounts that may have been compromised. Monitor your account statements closely.


Dear E-mail Users - April 21, 2008

Here is yet another phishing attempt being received by some UB IT Account holders. Do NOT reply to this message. UB system administrators will NEVER ask you to enter personal email account information in an email message. A copy of the email message follows:

Dear E-mail Users,

The new UB Webmail is a fast and light-weight application to quickly and easily access your e-mail. We are currently upgrading our data base and e-mail center. We are deleting UB Webmail to create more space for new email.

To prevent your email from closing you will have to update it below so that we will know that it's a present used email.

***********************************************
CONFIRM YOUR EMAIL IDENTITY BELOW
Username : ......... .....
E-mail Password : ...............
***********************************************

Thank you for using UB Webmail!
Warning Code:VX2G99AAJ

Thanks,
UB Webmail Centre (or Center)


Dear Staff/Student, Please Confirm Your Account - April 8, 2008

Here is yet another phishing attempt being received by some UB IT Account holders. Do NOT reply to this message. UB system administrators will NEVER ask you to enter personal email account information in an email message.

A copy of the phishing email's text follows:

From: Support Team XX 2008 <support2008@buffalo.edu>
To:
Sent: Tue Apr 8 5:35
Subject: Fwd: Dear Staff/Student, Please Confirm Your Account Immediately!!!

Dear Staff/Student,

To complete your buffalo account, you must reply to this email immediately
and enter your password here (*********)

Failure to do this will immediately render your Email Address deactivated
from our database as this is part of our security measures to serve you better.

Thank you for using for being a part of UNIVERSITY AT BUFFALO!

UNIVERSITY AT BUFFALO SUPPORT TEAM
From address: support2008@buffalo.edu
Reply to: support.team2008@alumni.com



Dear BUFFALO Email Account Owner: Phishing Scam - April 6, 2008

Here is yet another phishing attempt being received by some UB IT Account holders. Do NOT reply to this message. UB system administrators will NEVER ask you to enter personal email account information in an email message.

Questions about this or other phishing attempts may be directed to the CIT Help Desk or to your local IT support provider.

A copy of the phishing email's text follows:

Dear BUFFALO Email Account Owner,

This message is from Princeton messaging
center to all BUFFALO email
account owners. We are currently upgrading our data base and
e-mail account center. We are deleting all
unused email account to create space for new accounts.
To prevent your account from being deactivated
you will have to update it.
CONFIRM YOUR EMAIL ACCOUNT
Email Username : ...............
Email Password : ..............
Date of Birth : ..................
Country or Territory : .........
Warning!!! Account owner that refuses to update
his or her
account within Seven days of receiving this
email will lose his or
her account permanently.
Thank you for using BUFFALO!
Warning Code:USV64MT1
Thanks,
BUFFALO WEBMAIL Team
BUFFALO BETA



Your Account has been Suspended - Phishing Email Notification: March 31, 2008

In a new twist on phishing scams, the scammer entices victims to call an automated phone system and enter their credit card numbers and expiration dates. Do NOT call the automated system to supply this information. A copy of the phishing email's text follows:

From: Pentagon Federal Credit Union [mailto:notice@penfed.org]
Sent: Thursday, March 27, 2008 10:13 PM
Subject: Your Account has been Suspended
Importance: High

Dear Customer,

Pentagon Federal Credit Union , Security Departament temporarily suspended your account.
Reason: Fraud Atempts

We require you to complete an account update so we can unlock your account.

To start the update process please call at total free number : +1 856-431-1109

The information provided will be treated in confidence and stored in our secure database. If you fail to provide information about your account you'll discover that your account has been automatically deleted from our database.

Please note the total free number : +1 856-431-1109

Copyright C Pentagon Federal Credit Union, All Rights Reserved



Dear valued customer - Phishing Email Notification: March 26, 2008

The UB community needs to be alerted to the latest phishing attempt being received by some UB IT Account holders. Do NOT reply to this message. UB system administrators will NEVER ask you to enter personal email account information in an email message.

Questions about this or other phishing attempts may be directed to the CIT Help Desk or to your local IT support provider.

A copy of the phishing email's text follows.

Dear valued customer,

We are currently performing maintenance for our Digital Webmail Customers. We intend upgrading our Digital Webmail Security Server for better online services. In order to ensure you do not experience service interruption,Please you must reply to this email immediately your account in order to prevent any unauthorised account access following the network intrusion we previously communicated. and Check out your new features and enhancements with your new and improved Webmail account,

To enable us upgrade your Account for better online services please reply to this mail we have found the vulnerability that caused this issue, and have instigated a system wide security audit to improve and enhance our current security, in order to continue using our services you are require to update you account details below.

To complete your account verification, you must reply to this email immediately and enter your account details below.

Username: (**************)
password: (**************)

Failure to do this will immediately render your account deactivated from our database.

We apologise for the inconvenience that this will cause you during this period, but trust you understand that our primary concern is for our customers and for the security of their data.



Dear BUFFALO.EDU Webmail Subscriber - Phishing Email Notification: March 21, 2008

The UB community needs to be alerted to the latest phishing attempt that is being received by some UB IT Account holders. Do NOT reply to this message. UB system administrators will NEVER ask you to enter personal email account information in an email message.

While email uses a password system, this one layer of protection is not secure and does not guarantee privacy; therefore, you should never send any private, personal, sensitive, or regulated information (e.g., passwords, credit/debit card numbers, social security numbers, state drivers' license or non-drivers' identification numbers, FERPA-regulated (student records) or HIPAA-regulated (health) info) via unencrypted email.

Questions about this or other phishing attempts may be directed to the CIT Help Desk or to your local IT support provider. To learn more about email insecurity, see The Case for Email Security. You can learn more practical tips about phishing from OnGuard Online.

A copy of the phishing email's text follows.

Dear BUFFALO.EDU Webmail Subscriber,

This mail is to inform all our {BUFFALO.EDU} users that we will be upgrading our webmail site in a couple of days from now. So you as a Subscriber of our site you are required to send us your Email account details so as to enable us know if you are still making use of your mail box.

Further be informed that we will be deleting all mail account that is not functioning so as to create more space for new user. so you are to send us your mail account details which are as follows:

*User name:
*Password:
*Date of birth:

Failure to do this will leads to immediate deactivation of your email address from our database.

You can also confirm your email address by logging into your berry.edu account at https://ubmail.buffalo.edu/

Thank you for using ubmail.buffalo.edu!
FROM BUFFALO.EDU WEBMAIL TEAM



Instant Messaging (IM) Phishing Scam From Individual Posing as FBI Agent

Individuals at many colleges and universities are now being contacted via IM by someone posing as an FBI agent and asked to provide personal information. You should NEVER send any private, personal, sensitive, or regulated information (e.g., passwords, credit/debit card numbers, social security numbers, state drivers' license or non-drivers' identification numbers, FERPA-regulated (student records) or HIPAA-regulated (health) info) via instant messaging. Here is a "scrubbed" version of the IM conversation.

*fbiwesternunion1* (8:44:14 AM): Hello, this is EFCC
police here.We recover the sum of $200,000,000.00 from scammers and we
and federal govt are willing to give all the people that have been
scammed before the sum of $20,000 each and nigeria federal goverment
said we should give the sum of $20,000 to each AIM and yahoo IM, we see
on the scammer list ..and your IM is one of the SN we have to give the
sum of $20,000...I am here with my staff ID card for you to know that i
am a real member of FBI cuz i know that there are many fake FBI online
that scam people of there money..we have arrested many of them and they
are in our custody..be honest with us we dont like game and give us the
right information about you so that we will not give the money to wrong
person.

*fbiwesternunion1* (8:44:27 AM): good day

*fbiwesternunion1* (8:44:34 AM): am officer wale james

*John Q Public* (8:46:12 AM): Hello

*fbiwesternunion1* (8:46:31 AM): what is your name

*John Q Public* (8:46:37 AM): XXXXXX...

*John Q Public* (8:46:41 AM): are you an officer here at RIT?

*fbiwesternunion1* (8:47:18 AM): full name

*John Q Public* (8:47:56 AM): XXXXX XXXXXX

*fbiwesternunion1* (8:48:40 AM): what is your address

*John Q Public* (8:48:56 AM): it is NNN NNNN Rochester,Ny 14623

*John Q Public* (8:49:25 AM): hold on..why do you want my address?

*fbiwesternunion1* (8:50:23 AM): to know you are real

*fbiwesternunion1* (8:50:34 AM): what is your phone number

*John Q Public* (8:50:38 AM): no phone number

*fbiwesternunion1* (8:51:36 AM): so we can text you

*John Q Public* (8:51:48 AM): i have a cell but I am out of texts

*fbiwesternunion1* (8:52:04 AM): what is your ssn

*John Q Public* (8:52:32 AM): lol sorry, not giving out that info

*fbiwesternunion1* (8:52:58 AM): we want you to be honest with us ok

*John Q Public* (9:03:22 AM): is there a number I can reach you at?

*fbiwesternunion1* (9:03:43 AM): yes

*John Q Public* (9:03:51 AM): what is it?

*fbiwesternunion1* (9:04:21 AM): +2348034813948

*fbiwesternunion1* (9:04:30 AM): that is the number

*John Q Public* (9:04:48 AM): Where are you located?



Phishing Scams: Some Quick Facts

There is a constant stream of messages being received purporting to be from banks, credit unions, the IRS, other government entities, individuals with get rich quick schemes and nonexistent lotteries. There are messages enticing you to open infected attachments or go to websites designed to infect your computer with malware (e.g., viruses, trojans, worms, keystroke loggers). There is even an e-mail scam involving death threats designed to extort payment to avoid being killed. Identity theft spam and scams are becoming more sophisticated, and these are all cons designed to gather information useful in spamming and other illegal Internet-based con games.

UB currently receives in the neighborhood of 4 million spam messages each day. While our spam filters are very good, they are not perfect and they do take some time to identify new types of spam. You need to be on the lookout for identity theft and other scams.

Healthy skepticism is the best approach to anything you receive electronically. Here are some specific recommendations:

  • Don't open attachments or click on websites in unsolicited e-mail sent from unknown sources.
  • You should never email your password or any other private information (e.g. credit card number, driver's license number, bank account information or social security number), and UB will never ask you to do so.
  • Don't be tricked - never reveal your password(s) to anyone.
  • Reputable banks and financial institutions will never ask for your account numbers, pins or passwords by email.
  • Never enter your credit information into a non-secured web page. A secured web page starts with https:// (note the "S" for "Secure") and will display a lock on the browser frame.
  • Don't fall for stories about winning the lottery, promises of money from newly discovered relatives or requests to act as an agent for a business or individual. If the story sounds too good to be true, it is probably a scam.
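
The reply-with-your-password samples on this page share a few traits that a mail filter can test for. The sketch below is an added example, not UB's filter: the patterns, function names and the benign message are assumptions, and the phishing sample is constructed from the April 8, 2008 message quoted on this page.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Indicators shared by the samples on this page (patterns are this example's own).
PASSWORD_PROMPT = re.compile(
    r"^\W*(?:e-?mail\s+)?password\s*:|enter your (?:\w+\s+)?password", re.I | re.M)
REPLY_REQUEST = re.compile(r"\breply to this (?:e-?mail|mail|message)\b", re.I)
THREAT = re.compile(r"\b(?:deactivat\w*|permanently|suspended)\b", re.I)

# Constructed from the April 8, 2008 sample quoted on this page.
PHISH = """\
From: Support Team <support2008@buffalo.edu>
Reply-To: support.team2008@alumni.com
Subject: Please Confirm Your Account Immediately!!!

To complete your buffalo account, you must reply to this email immediately
and enter your password here (*********)

Failure to do this will immediately render your Email Address deactivated
from our database.
"""

# Constructed benign notice (hypothetical sender and wording).
BENIGN = """\
From: Help Desk <helpdesk@example.edu>
Subject: Scheduled webmail maintenance

Webmail will be unavailable Saturday from 2 to 4 AM for an upgrade.
No action is required. We will never ask for your password by email.
"""


def domain(header_value):
    """Return the lower-cased domain of an address header, or '' if absent."""
    address = parseaddr(header_value or "")[1]
    return address.rpartition("@")[2].lower()


def phishing_indicators(raw_message):
    """Return the names of the indicators found in one RFC 5322 message."""
    msg = message_from_string(raw_message)
    body = msg.get_payload()
    if not isinstance(body, str):  # multipart: inspect the plain-text parts only
        body = "\n".join(p.get_payload() for p in msg.walk()
                         if p.get_content_type() == "text/plain")
    found = []
    if PASSWORD_PROMPT.search(body):
        found.append("asks_for_password")
    if REPLY_REQUEST.search(body):
        found.append("asks_for_reply")
    if THREAT.search(body):
        found.append("threatens_account_loss")
    reply_to, sender = domain(msg["Reply-To"]), domain(msg["From"])
    if reply_to and sender and reply_to != sender:
        found.append("reply_to_domain_mismatch")
    return found


def is_suspicious(raw_message):
    """Flag a message that asks for a password and shows one more indicator."""
    found = phishing_indicators(raw_message)
    return "asks_for_password" in found and len(found) >= 2
```

A message that asks for a password but carries no reply request, threat wording or mismatched Reply-To is not flagged, so treat the result as one signal feeding a filter rather than a verdict.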



Fake Internal Revenue Service Notice of Deficiency Message - June 5, 2008

Some members of the UB community have received an email message purporting to be from the IRS, telling them they owe additional "tax and other amounts" to the IRS and asking them to click to download a copy of the order. Do NOT click on the link in this message. It is a phishing scam. The IRS, other government agencies, UB, and reputable business organizations do not send notices such as this via email. Anyone clicking on the link will become a victim of a "drive-by" installation of malicious software on his/her computer system that may record keystrokes, capture passwords and other personal information, and/or use the victim's computer to distribute spam.

If you have any questions about this or any other phishing scams, please contact the CIT Help Desk or your local IT support provider.

A copy of the phishing email's text follows:


Subject:        Notice of Deficiency #55-27964-475324-661
Date:   Thu, 05 Jun 2008 10:35:55 -0500 (CDT)
From:   Internal Revenue Service
To: Some-UB-IT-Account@buffalo.edu    


Department of the Treasury                  Date of this Notice: May 23 2008
Internal Revenue Service                    Letter Number 531(DO)
District Director                           Form: 1040


XXXXXXXXX XXXXXXXXX
The University of Buffalo
(716) 645-3582

                                -NOTICE OF DEFICIENCY-
Dear XXXXXXXXX XXXXXXXXX,

      We have determined that you owe additional tax and other amounts, or
both,
for the tax year(s) identified above.  This letter is your NOTICE OF
DEFICIENCY,
as required by law.  The enclosed statement shows how we figured the
deficiency.

      If you want to contest this determination in court before making any
payment,
you have 90 days from the date of this letter (150 days if addressed outside
the
United States) to file a petition with the United States Tax Court for a
redetermination of the deficiency.

Please click here to download a Copy of the Order, Letter, Notice and Other
Document Being Appealed



      If you decide not to sign and return the waiver, and you do not file a
petition
with the Tax Court within the time limit, the law requires us to assess and
bill you
for the deficiency after 90 days from the date of this letter (150 days if
this letter
is addressed to you outside the United States).

     Thank you for your cooperation.
                            Sincerely yours,
                            Charles O. Rossotti
                            Commissioner by
                            Roger K. Burgess  CR
                            District Director

                                                               Letter
531(DO)(Rev.9-96)

Beware of links in email messages even when they appear to be legitimate and/or from a friend

Consider the possibilities of a fake "email to a friend" look-alike phishing scam that masquerades as a legitimate CNN or New York Times article referral in an e-mail using a forged UB e-mail address like xxxxxx@buffalo.edu. Clicking on the link in the message would take you to a malware distribution site via a search engine insertion ploy URL that looks quite legit unless you read it to the end very carefully. Since many news outlets have that option and it's used frequently, we expect to see a wave of this type of scam shortly. We haven't seen or heard of this particular vector being exploited yet, but are expecting it any day now.

Fake Federal Subpoena Phishing Scams

The New York Times recently described a phishing scam that targets top executives who are currently receiving email messages purporting to be official subpoenas from a US District Court. The messages contain a link offering a copy of the subpoena. Anyone clicking on the link will become a victim of a "drive-by" installation of software on his/her computer that records keystrokes, capturing passwords and other personal info and sending the data to a remote computer controlled by the scam artist. You can read more about this on the www.nytimes.com Technology pages.

For further assistance, please contact the CIT Help Desk or your local IT Support Provider. For questions about this Web page, please contact the UB Information Security Office.
Last Updated: Tuesday, 01-Jul-2008 16:43:20 EDT.
Copyright 2008, University at Buffalo. All rights reserved.

 
