Phishing Attempts at Northwestern University

Over the past few weeks, Northwestern University has been targeted with several versions of phishing e-mails. These malicious e-mails may appear to come from within Northwestern University or other reliable sources and contain urgent requests that require the recipient to provide personal identifiable information (PII) such as NetIDs, passwords, credit card account numbers, and social security numbers. This trend is being experienced by universities across the country.

The most recent phishing e-mails received by the University community on April 8 and April 14 , are examples of this type of electronic fraud. They claim to come from the University Webmail Support and Webmail Messaging Center which are both bogus University departments. Some other qualities of these attacks may include a non-Northwestern University reply-to address, poor grammar and incomplete or improper University branding.

Northwestern University Information Technology (NUIT) is committed to providing the utmost security to the University network and will never make a request requiring users to e-mail personal information.

Northwestern University Information Technology (NUIT) expects these attacks to continue because senders anticipate financial gain by accessing personal information. If you are unsure about the legitimacy of an e-mail, contact the NUIT Support Center at consultant@northwestern.edu .

Users who have responded to a phishing e-mail must change their NetID  password immediately. Call the NUIT Support Center at 847-49 1-HELP (4357) to report the bogus e-mail and to receive further instructions, if necessary.

• April 8, 2008 phishing e-mail (pdf)
  
• April 14, 2008 phishing e-mail (pdf)
• April 16, 2008 phishing e-mail (pdf)
  
• Guard Against Social Engineering
• NUIT's E-mail Defense System
  

NUIT Support Center

Central helpdesk for faculty, staff, and students.
847-491-HELP (4357)
consultant@northwestern.edu