January 26, 2012
Warning: Increase in phishing scam emails trying to steal K-State eID passwords
Attention, K-State faculty, staff and students,
Since the start of the spring 2012 semester, K-State has seen a significant increase in the number of phishing scam emails that are trying to steal eID passwords. Thus far, at least 10 K-Staters have been tricked into providing their eID and password to criminals under the guise of needing to upgrade their webmail account or exceeding the mailbox storage limit.
THESE ARE ALL SCAMS. K-State IT support staff will NEVER ask for your password in an email. Do not under any circumstances reply to these scam emails or click on a link in the email and fill out a form with your eID and password.
Abide by this simple rule and you will be safe from these scams and others: NEVER provide your password to anyone in response to an email!
These stolen eIDs and passwords are used to log into K-State’s webmail and send thousands of spam messages to people around the world. As a result, K-State is placed on spam block lists where email services like hotmail.com, msn.com and comcast.net temporarily reject ALL email from K-State, which has happened this week.
New scam emails arrive at K-State daily. Attempting to appear legitimate, they say they are from the “K-State ITS Service Desk” or “System Administrator” and have subjects like “Storage Limit Exceeded” or “Mailbox Shutdown Notification.” Don’t be fooled. Simply delete anything that asks for your password.
If you have already replied, go to eid.k-state.edu immediately and change your password so your webmail account won’t be used for malicious purposes by the criminals perpetrating these scams.
To see recent examples of scam emails received at K-State, visit K-State’s IT Security Threats Blog: threats.itsecurity.k-state.edu
To learn more about how to recognize many kinds of scams, visit K-State’s email threats website at www.k-state.edu/its/security/netsafety/email.