This morning many computer users at MIT noticed an e-mail in their inboxes with the following subject line:
MADATORY SECURITY UPDATE - JANUARY 2010 [spelling error intact]
The message goes on to ask you to login to your e-mail account to ensure your account information is up to date, due to an upgrade to an "advanced server" to prevent spam from reaching your inbox. A link is provided, with a URL that has mit.edu included in it. This message is not from MIT!
MADATORY SECURITY UPDATE - JANUARY 2010 [spelling error intact]
The message goes on to ask you to login to your e-mail account to ensure your account information is up to date, due to an upgrade to an "advanced server" to prevent spam from reaching your inbox. A link is provided, with a URL that has mit.edu included in it. This message is not from MIT!
Many members of the MIT community are aware that such messages are
fraudulent and will ignore them. But it is important to spread the word
to those who may fall for such messages. If a user clicks the link, his or her
username and e-mail password could be compromised. Within minutes, the
hackers will be able to login to the user's e-mail account and use it to send out the spam they
claim in their message they are trying to prevent.
This is yet another phishing attempt. To learn more, go to the What is a phishing email? entry in the IS&T Hermes knowledge base.