News by Topic

Click on a topic below to see the latest headline

Customize "My Headlines" by Topic

Choose the topics of most interest to you to follow under "My Headlines".

Subscribe

Sign up for newsletters, news feeds, social media and other news sources.

Resources for News Media

Are you a reporter working on a story? Here's where you find help from Duke.

Phishing Attack Poses as Credit Union

Phishing Attack Poses as Credit Union

E-mail requests users to submit personal financial information to phony website

Topics for this story: News Releases, Students
January 15, 2009 |
print |

Durham, NC - On Wednesday evening, Duke's Office of Information Technology (OIT) discovered a phishing attack claiming to be from the Duke University Federal Credit Union and requesting recipients submit their personal financial information through a phony website.

OIT promptly blocked the source of the phishing e-mails into Duke, requested that the phony website be removed from the Internet and blocked access to the replica website from the university's network.

The phishing phishing attack claiming to be from the Duke University Federal Credit Union and requesting recipients submit their personal financial information through a phony website.

OIT promptly blocked the source of the phishing e-mails into Duke, requested that the phony website be removed from the Internet and blocked access to the replica website from the university's network.

The phishing e-mail message, which included the logo of the Duke credit union, was sent to various faculty, staff and students and told recipients their card had been automatically enrolled in a program called "Verified by Visa."







The e-mail asked recipients to click on a link to set up a password to protect their card from unauthorized use when shopping at online merchants. The website, which was a replica of the credit union's actual login website, requests users to submit their personal financial information, including Social Security number.

Anyone who receives the message should immediately delete it. If you think you are the target of a phishing email, please forward the email with full headers to help@oit.duke.edu.

What is phishing?

Phishing is an attempt to criminally and fraudulently acquire sensitive information, such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. Phishing is typically carried out by e-mail or instant messaging, and often directs users to reply or enter details at a website, although phone contact has also been used (source: Wikipedia).

For more information on phishing, visit: http://www.oit.duke.edu/help/phishing.html

© 2012 Office of News & Communications
615 Chapel Drive, Box 90563, Durham, NC 27708-0563
(919) 684-2823; After-hours phone (for reporters on deadline): (919) 812-6603

Also in… News Releases

See all in News Releases