HUIT has been made aware of a current targeted phishing attack aimed at our FAS Exchange (FASMail) email service. Multiple users have had their accounts compromised by clicking through a link in the phishing email and then entering their email credentials in a subsequent Login screen.
What is it? GameOver Zeus (GOZ) is malware designed to steal personal information, with a focus on banking credentials. The malware is capable of being remotely controlled and updated. There is a multi-national effort underway to shut down the network that controls these features. Keeping your computer from being infected can help in this cause.
Chief Information Security Officer Christian Hamer urged the Harvard community today to be on heightened alert for phishing scams following a recent theft of Boston University employees' direct deposit information. See CISO Hamer's message below.
Bank of America has contacted Harvard University to make us aware of a recent email scam that has affected the University of Michigan and two local schools. The emails will appear to come from an official University department with a link asking the employee to either confirm their login information or update their payroll or open enrollment benefits.