When in doubt, delete. That’s the message York’s Computing & Network Services (CNS) is hoping community members will keep in mind in the wake of a renewed attack on York’s e-mail system.
York University (along with most other educational institutions worldwide) continues to be the target of ongoing fraudulent e-mails. These messages pose as University e-mail or helpdesk administrators, and ask for name and password information. You may also notice similar fraudulent messages pretendiing to be from popular online services such as eBay, PayPal and financial institutions.
"If you receive this message, do not reply," says Karen Wash, manager of client services. "Delete the message."
Note that legitimate University notifications will never ask for your password or for your personal information. If you receive such a message, do not reply – just delete the message.
The following is the text of a message that is currently being circulated to York e-mail accounts:
"Webmail Yorku.ca Team"
09/25/2008 01:54 AM
Please respond to email@example.com
Subject Confirm Your Yorku.ca Webmail Account To Avoid Closure
NOTICE TO AVOID CLOSURE
Dear Yorku.ca user,
This message is from webmail.Yorku.ca messaging center to all email account owners.We are currently upgrading our data base and e-mail account center and We are deleting all unused Yorku.ca email account to create more space for new accounts.To prevent your account from closing you will have to update it below so that we will know that it’s a present used account.We are upgrading our systems to improve the way we interact with you and to provide you with an enhanced level of customer service.
CONFIRM YOUR EMAIL IDENTITY BELOW
* Username: …………………………..
* Password: …………………………..
* Date of Birth: ………………………
*Country Or Territory: …………………
Warning!!! Account owner that refuses to update his or her account within Seven days of receiving this warning will lose his or her account permanently.
Thank you for using Yorku.ca!
The Yorku.ca Webmail Account Team
If you have provided your password to such a request, please change your password immediately and notify Client Services so they can verify that your account has not been subject to unauthorized access and abuse.
More on what happens if your e-mail is blocked
A small number of people have responded to these messages resulting in their e-mail accounts being taken over and used to send spam e-mail. While staff at York’s Computing & Network Services quickly disable these compromised accounts, sometimes enough spam e-mail is sent that some commercial e-mail services will temporarily block e-mail from York. While CNS does its best to prevent and mitigate these situations, they have no control over waiting periods that external e-mail services impose before lifting blocks.
For more information, contact CNS Client Services at ext. 55800 or e-mail firstname.lastname@example.org.