HUIT has been made aware of a current targeted phishing attack aimed at our FAS Exchange (FASMail) email service. Multiple users have had their accounts compromised after clicking through a link in the phishing email and then entering their email credentials on the login screen that followed.
The subject line of this targeted attack is “FAS Mailbox Quota Exceeded” and the body of the email contains a warning, purportedly from the HUIT Help Desk, informing the recipient that they need to log in via the included link to have their mailbox size increased.
What is it? GameOver Zeus (GOZ) is malware designed to steal personal information, with a focus on banking credentials. The malware is capable of being remotely controlled and updated. There is a multi-national effort underway to shut down the network that controls these features. Keeping your computer from being infected can help in this cause.
Who is affected? Users of any Microsoft operating system.
What is Harvard doing? Most spam and phishing attempts sent to your University-issued email
Microsoft has announced a vulnerability that arises when Word is used to open RTF documents, and a zero-day attack that exploits the vulnerability in Word 2010 (Windows) has been seen "in the wild". See this article at
Chief Information Security Officer Christian Hamer urged the Harvard community today to be on heightened alert for phishing scams following a recent theft of Boston University employees' direct deposit information. See CISO Hamer's message below.
As you may be aware, some Boston University employees were recently targeted by a scam that resulted in their direct deposit
Bank of America has contacted Harvard University to make us aware of a recent email scam that has affected the University of Michigan and two local schools. The emails will appear to come from an official University department with a link asking the employee to either confirm their login information or update their payroll or open enrollment benefits.