July 30, 2015

Spearfishing email targets 1,100+ UNL accounts


An email designed to steal login credentials targeted more than 1,100 UNL accounts on July 30.

UNL’s Information Technology Services responded to the attack, blocking access to the fraudulent login website on the UNL network, issuing a takedown notice to the company hosting the site and sending a direct email to all UNL recipients.

Individuals who clicked the email or entered login credentials into the website should immediately change email passwords and contact the UNL Computer Help Center at mysupport@unl.edu or 402-472-3970.

“This particular email looks on the surface, to be legitimate,” said Cheryl O’Dell, senior information security analyst for ITS. “But if you hover over the link you can tell it goes to a fraudulent website. People need to know that no one at UNL will ask for your login and password via email.”

One way to check a website’s authenticity is to manually type in the Web address instead of clicking an email link.

Phishing emails remain a continuous security threat to universities, businesses and individuals, O’Dell said. The attacks remain difficult to combat because there is no easy way to detect phishing emails through automated filtering.

“There are some web domains that are known to be phishing sites and can be blocked,” said Dave Spanel, assistant director of infrastructure and operations for ITS. “This particular email was sent through a hacked account from another higher education institution.”

The best defense to phishing is user awareness, O’Dell said.

“We’ve had many people forward phishing emails to the security team when something looks suspicious,” O’Dell said. “Any suspicious emails can be forwarded as an email attachment to security@unl.edu.”

For more information about reported phishing emails at UNL, go to http://go.unl.edu/phishing.