New phishing email scam hits WSU campuses

PULLMAN, Wash. – A phishing attempt is making the rounds on all Washington State University campuses. Information Services asks the WSU community to be alert to these fraudulent attempts to gain your WSU Network ID and password or other personal and confidential information. 
 
Below is the email, including typos. Please be wary of clicking or launching any links in emails.
 
From: Washington State University [noreply@wsu.edu]
Sent: Sunday, February 03, 2013 6:02 PM
To: Recipients
Subject: {Suspension Of Your wsu.edu Account}*
Access to this server is available from your location through the Universal Resource Locator Click or Copy the below link to a browser and fill the required information’s: (Link has been removed for security)
Here’s what to do
If you do not reply to the email, then you are fine; there’s nothing more you need to do. If you did click on the link, but didn’t enter any personal information (such as your Network ID or password), then the phishers will not have your account information and there’s nothing more you need to do. Just delete the email.
 
However, if you responded to the phishing email and entered your Access ID or Network ID and password or any other personal information, the phishers will have collected that information. The WSU IS Security Office recommends that you immediately change your password and contact the IS Help Desk at 509-335-4357 or helpdesk@wsu.edu
 
How to spot a phishing email
 
Review and compare the “from” email address. Do you recognize it and does it match the company or entity referenced in the body of the email? If not, be suspicious. This particular phishing attempt is more clever than some as it mimics WSU in the “from” email address. It is still a fraudulent email.
 
Is there a link/URL embedded within the email asking you to click on it? Be wary; it will probably ask you for your login and password or it may even download malware onto your computer.
 
Phishers are getting very tricky mimicking official organizations; be cautious of any email asking you to click on a link or to supply your login and password.
 
Never respond
 
The IS Security Office recommends that you never respond to requests for personal information that may be contained in suspicious emails, voice messages or text messages. It is best to assume any solicitation of personal information employing fraudulent methods is not authentic.
 
Phishing is the act of attempting to acquire information such as user names, passwords and/or credit card details by masquerading as a trustworthy entity in an electronic communication.
 
For further assistance, please contact your departmental IT support staff or the Help Desk at 509-335-4357 or helpdesk@wsu.edu.