[CCoE Notice] FW: RE: HELP DESK

Luong, Kiet A KDLuong at Central.UH.EDU
Thu Jul 27 12:56:16 CDT 2017 

Good afternoon,

Many of us have recently received this email (below) from Dr. Shan's email account.  Please disregard and consider it as a phishing email.  As always, I ask everyone to provide his/her own analysis of suspicious emails when contacting me for confirmation.  Below is my analysis of this email to help you formulate your analysis of this, and future suspicious emails.


1.       The email is from a known employee in the college, but no guarantee of legitimacy

2.       The subject itself, "Help Desk", has been a favorite topic by hackers, so it should at least raise an eyebrow

3.       There is no greetings from the sender, and seems to imply an address to a mass or anonymous audience.  Red flag

4.       Even though Dr. Shan is an employee of the college, he is not associated with email admin duties, therefore, should NOT be sending an email to warn us that we've exceeded our mailboxes at the university.  Keep in mind that hackers often use the fear and panic tricks to rush us into a hasty decision.  Major red flag

5.       The email message wants us to "click here" to upgrade our mailbox and avoid deactivation in a short soon.  You will NEVER be asked by UH email admins to click on a link to fix email problems.  The link behind the "click here" URL can be revealed without harm by simply hovering the cursor on the link (without clicking).  In this case, the URL points to http://uh2e3.weebly.com/ (which is not a UH link).  Major red flag.

6.       Email is signed by a generic "UH Mail Support Desk".  Red flag.

I'd like to remind everyone that computer, and computer-related, issues are normally handled by out group.  Eric Stern handles desktop and general computing support, while Shenoy handles Linux support.  Myself, I handle all other technical support for the college.  In the event of a major email, computer or network issues, one of us will contact you to help with these and related issues.  If you are contacted by anyone outside of our team, please reach out to the respective support person for a confirmation BEFORE acting.  This will help us avoid this and similar issues as a college.

Please contact me directly if anyone had accidentally clicked on the link in this email.  I can also answer questions about this email or about phishing emails in general.  Future emails will follow to help keep us ahead of the phishing email problems.

Sincerely,

Kiet Luong
Director of Engineering Computing
College Information Security Officer
Cullen College of Engineering
University of Houston
Email: KietL at uh.edu
Voice: 713.743.9974

From: Shan, Xiaonan
Sent: Thursday, July 27, 2017 10:54 AM
Subject: RE: HELP DESK

Final Warning: You have exceeded the storage limit allocated to your  University of Houston  mailbox CLICK HERE<http://uh2e3.weebly.com/>. to sign in for upgrade to avoid deactivation in 8 hours.

UH Mail Support Desk
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://Bug.EGR.UH.EDU/pipermail/engi-dist/attachments/20170727/912e4ca9/attachment.html

More information about the Engi-Dist mailing list