Information Security

Active Phishing Attack: 'FAS Mailbox Quota Exceeded'

March 26, 2015

HUIT has been made aware of a current targeted phishing attack aimed at our FAS Exchange (FASMail) email service. Multiple users have had their accounts compromised by clicking through a link in the phishing email and then entering their email credentials in a subsequent Login screen.

The subject line of this targeted attack is “FAS Mailbox Quota Exceeded” and the body of the email contains a warning, purportedly from the HUIT Help Desk, informing the recipient that they need to log in via the included link to have their mailbox size increased.

Once a user’s account

Read more about Active Phishing Attack: 'FAS Mailbox Quota Exceeded'

GameOver Zeus Vulnerability

June 3, 2014

What is it?
GameOver Zeus (GOZ) is malware designed to steal personal information, with a focus on banking credentials. The malware is capable of being remotely controlled and updated. There is a multi-national effort underway to shut down the network that controls these features. Keeping your computer from being infected can help in this cause.

Who is affected? 
Users of any Microsoft Operating System. 

What is Harvard doing?
Most spam and phishing attempts sent to your University-issued email

Read more about GameOver Zeus Vulnerability

Don't get hooked by phishing scams

January 10, 2014

Chief Information Security Officer Christian Hamer urged the Harvard community today to be on heightened alert for phishing scams following a recent theft of Boston University employees' direct deposit information. See CISO Hamer's message below.   

Dear Colleagues,

As you may be aware, some Boston University employees were recently targeted by a scam that resulted in their direct deposit

Read more about Don't get hooked by phishing scams