Targeted phishing attack against Department of Computer Science (again)

23.01.2014 - 17:00 - 20:00

We have received a massive amount of phishing emails trying to lure our users to enter their login credentials to a fake login page. What makes this attack special is that it was specifically targeted against the Department of Computer Science.

The phishing emails were probably sent using an inactive email account of an ex-student at an US university that has outsourced its email services.

The fake login page was hosted by a large web hosting provider (used by many big companies) running on Amazon web services.

Our spam detector was after the first reports modified to recognize these phishing emails and the abuse department of the hosting provider was asked to take down the fake login page. 

Because of the great amount the phishing emails and the targeting we decided to resort to an exceptional parctice:

All phishing emails (connected to this attack) have been automatically removed from user's inboxes. This kind of retroactive unwanted email detection and deletion is not normal practice and will not be carried out without serious reasons.

24.01.2014 - 09:52 Petri Kutvonen
24.01.2014 - 09:52 Petri Kutvonen