• NETWORK
  • Overview
  • Ethernet
  • Wireless
  • Using 802.1x
  • VPN
  • Handheld devices
  • Hubs and Device Reg
  • Peer-to-Peer and Copyright
  • International student guide
  • Active Directory
  • Modem
  • Outside ISP
  • Medical Campus
• E-MAIL
  • Get started
  • General e-mail topics
  • Away from BU?
  • After graduation
• SECURITY
  • Overview
  • Virus protection
  • Spyware detection
  • Firewalls
  • AutoUpdate
  • Virus removal
  • McAfee VirusScan help
  • Norton Security help
  • Alerts
  • Register notebooks
  • Facebook settings
• WIN/MAC
  • Overview
  • Supported software
  • Windows help
  • Mac OS help
  • Microsoft Office
  • FileMaker Pro
  • Adobe Acrobat
  • Web browsers
  • Web Login Help
  • Distributed software
  • Go green!
• ACS/UNIX
  • Overview
  • Get an account
  • Account quotas
  • Docs and software
  • Using Pine
  • X Win, Telnet, SSH
  • BU Linux
  • Using FTP
• TUTORIALS
  • Overview
  • Course descriptions
  • Tutorial handouts
  • Self-paced tutorials
• SALES/REPAIR
  • Overview
  • Personal
  • Departmental
  • Repair
  • Donate or recycle
  • BUPD Laptop Reg
• CONTACT
  • Contact us
  • Departmental support
  • Courseware support
  • Web development
  • Faculty resources
  • Web conferencing

SPOOFED MAIL EXAMPLE

How to recognize that this is a fake

This mail is quite a thorough spoof, even using a smattering of BU teminology. If you read carefully, though, you will spot some sure clues that this mail is not legitimate.

• THE BIG CLUE: No one at Boston University will ever ask you for your password in e-mail! This is the key information you need to spot the fake, but in this example you might also notice the other clues below.
• LOOK AT THAT HEADER: Look carefully at that From field as well as the Reply-To. (Spoofers can and often do disguise these more thoroughly, but in this case, you can easily spot that these are not BU addresses.)
• GRAMMAR AND SPELLING: There are a few grammatical and spelling mistakes that you would never find in an official mailing. (These used to be a sure tip-off, but over time, many spoofers have been improving their proofreading and/or translation skills.)

Here's the spoofed mail:

From: Office of Information Technology <louiseflynn12@eircom.net>
Organization: Eircom Net (http://www.eircom.net/)
Reply-To: <ucla-emailservice@gala.net>
Date: Tue, 5 Aug 2008 04:33:37 +0100
To: <allaccountholder@bu.edu>
Subject: Service Maintenace/Upgrade

Attention BU Account User,

This message is from The Boston University WebMail Service Center, to
all BU email account holders, On wed, Aug 6Th, 2008, from 6:00 PM until
11:00PM, all Mailhub systems will undergo regularly scheduled
maintenance.Access to your mailbox via the BU ACS Mail Portal will be unavailable
for some time during this maintenance period. We are deleting all unused BU
email account to create more space for new accounts.

We have also noticed that our BU email account holders have been
receiving phishing mails form imposters asking for their personal informations.
So we intend upgrading our Digital mail Security Server for better
online services.

In order to ensure you do not experience service interruption, Please
you must reply to this email immediately entering your BU ACS email/login
name here:(*************) Kerberos password here (************) for
comfirmation/identification to enable us upgrade your account for better online
services please do reply to this mail.

You will be sent a new confirmation/alphanumerical password so that it
will only be valid during this period and can be changed after this process.

Thanks for your understanding

Office of Information Technology Boston University

 

IT Help Center   BU 

• © Boston University