Your browser does not support JavaScript!
Google  

 

 

:::
[101/06/10] 電子郵件社交工程詐騙(Attention Ym.Edu.Tw User)

[101/06/10]

電子郵件社交工程詐騙(Attention Ym.Edu.Tw User)

 

提醒您:

若您收到如下例之信件,告知您電子郵件信箱容量滿載,需請您回覆,並告知相關個人訊息,例: 

*Email

*UserID

*Password
*Confirm Password
*Date of Birth
*City

 

此乃為駭客利用一般郵件使用者未過瀘信件或不會注意寄信者的來源的弱點

以騙取讀信人的個人資料

 

其寄信之範例如下:

---------------------------------------

From: Ym Online Services [mailto:online.service@cpll.cn]
Sent: Sunday, June 10, 2012 3:04 AM
To: undisclosed recipients:
Subject: Attention Ym.Edu.Tw User

 



Attention Ym.Edu.Tw User

This mail is to inform all our valued customers that we are currently maintaining and upgrading our database to a better serve. As we are very concerned with stopping the proliferation of spam. We have implemented Sender Address Verification (SAV) to ensure that we do not receive unwanted email and to give you the assurance that your messages to Message Center have no chance of being filtered into a bulk mail folder, also there would be a removal of all unused Accounts. To help us re-set and upgrade on our database prior to upgrade your account, You would have to confirm your E-mail account by filling out your log in information below after clicking the reply button.

*Email Address:
*UserID:
*Password:
*Confirm Password:
*Date Of Birth:
* City:

message center will confirm your identity including the secret question and answer immediately and reply you with a new Default Password which you must reset again. Failure to do this will result to email deactivation within 48hours.

NOTE: If you have done this before, you may ignore this mail.

Thank you for your understanding.
© 2012 Ym.Edu.Tw Online Services

 


有幾個可及時注意之資訊,可簡易分辨,茲列述如下:

1.資通中心並不會寄@cell.cn的mail給大家。使用本校的電子郵件,@後面接的一定是@ym.edu.tw或是@xxx.ym.edu.tw

2.資通中心有所有使用者的Email,不需再另外請使用者提供

3.不需詢問City

 

如您仍有疑義,可至本校資訊安全與個資保護網站中查詢,或聯繫「123」資通中心服務台協助確認

 

資訊與通訊中心敬啟

瀏覽數