[CCoE Notice] Another phishing email

Luong, Kiet A KDLuong at Central.UH.EDU
Thu Nov 6 12:48:59 CST 2014 

And here’s another phishing email received just now:


Fall Open Enrollment

Section III.d.Changing Medicare Coverage
Re: Altiris-406587

Automated Alert: Medicare Expiration is Approaching



There is only limited time left in which to make changes to your plan.
https://www.Altiris.mcare/ppln/us/7744556/<http://www.yourhelpchoosing.com/oklahomans/subaverage/hardheadedness/anthropomorphism/skulkers.aspx>



Please note that you should not wait until your coverage has almost ended. This will allow you to have continuous coverage.

As of 11/06/2014 --Provider-65234- Part-D⇒<http://www.yourhelpchoosing.com/oklahomans/subaverage/hardheadedness/anthropomorphism/skulkers.aspx>

Current Plan Expires 12/2014







Options can vary form state to state.
US-Health Team (Aker and Smith),

[removal Prefs]<http://www.yourhelpchoosing.com/habitats/diebacks/feaster/deadened.jsp>http://www.medicare.gov/sign-up-change-plans/when-can-i-join-a-health-or-drug-plan/when-can-i-join-a-health-or-drug-plan.html - Seven Blackmore Ct. Camp Hill PA 17011-1749



his seems overly complicated when you could just use the std::string constructor that accepts input iterators. I.e. std::string fileContent( ( std::istreambuf_iterator< char >( file ) ), std::istreambuf_iterator< char >() ); where file is the ifstream object.




Kiet Luong
Director of Engineering Computing
College Information Security Officer
Cullen College of Engineering
University of Houston
Email: KietL at uh.edu
Voice: 713.743.9974

From: Luong, Kiet A
Sent: Thursday, November 06, 2014 9:05 AM
To: engi-dist at egr.uh.edu
Cc: engineering-student at listserv.uh.edu
Subject: FW: Quota Limit

Good morning,

It appears that another clever phishing email is making its way throughout campus, so please be on the lookout for this and similar phishing emails in your inbox.
To review phishing email strategies, let’s look at the “red flags” in this email to determine whether it is a legitimate email or not:

1.       The 1st “red flag” is the “From” and “To” addresses.  Since we do not know the email addresses, it is automatically a “red flag.”  Just because it has a @uh.edu ending, it doesn’t mean that it is automatically legitimate.  Also, the name associated with the email address is “University of Houston” which should automatically trigger your suspicion.  I don’t think there’s a single, legitimate email address on campus that can claim to be THE “University of Houston”

2.       The 2nd red flag is the quota limit email itself.  Legitimate quota limit emails just tell you you’re over or about to be over your limit, and do contain any website links at all.  Hopefully by now, you all know that you cannot increase your mailbox sizes by clicking on a link to a website.

3.       The 3rd and most “telling” red flag is the web link itself.  If you hover the cursor over the link (without clicking on it), you will see where the link will take you if you click on it.  In this case, the link goes to ritoch.com.pe website, which is obviously not a UH website (even though the link itself is named ww4.uh.edu/quota-limit-access).  Any time you look at a web address, the last set of characters determine the country of the website.  We all know that websites ending in .com is from the USA, but .com.pe is not.  In fact, .pe web addresses are actually from Peru.

There may be other red flags, but I think you get the picture.  Thanks to those who brought this to my attention, and for not falling victims to these phishing emails.  Please continue to stay alert when checking emails, and as always, ask me if you spot even just one “red flag” in an email.

Thanks,

Kiet Luong
Director of Engineering Computing
College Information Security Officer
Cullen College of Engineering
University of Houston
Email: KietL at uh.edu<mailto:KietL at uh.edu>
Voice: 713.743.9974


From: University of Houston [mailto:additionalusage at uh.edu]
Sent: Wednesday, November 05, 2014 5:29 PM
To: additionalusage at uh.edu<mailto:additionalusage at uh.edu>
Subject: Quota Limit


[https://encrypted-tbn2.gstatic.com/images?q=tbn:ANd9GcSouW9F2OmDHqgbtl5w6lVZMM0m0_mbFjBIwGQAPB5ZRqj7jcbkjg]
Your mailbox has reached 497MB. which is over 98% of
the allocated  500 MB.To avoid the loss of your account,
you are required to upgrade your Mailbox account by clicking
on the link below to enable the increase in the storage
quota of your account.

http:/www4.uh.edu/quota-limit-access<http://ritoch.com.pe/components/com_finder/controllers/webmail/>


Sincerely,
University of Houston,
4800 Calhoun Rd,
Houston, TX 77004•
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://Bug.EGR.UH.EDU/pipermail/engi-dist/attachments/20141106/af920ff0/attachment-0001.html

More information about the Engi-Dist mailing list