Thursday, February 14, 2013

Anatomy of a Scam

Several Macalester people received this scam in their email on Monday February 11, 2013:

*************begin message*************

From: Help Desk <>
Date: Mon, Feb 11, 2013 at 6:22 AM
Subject: Help Desk Notice


Due to constant invasion of user accounts by spammers and viruses, we
are moving to a more secure and less vulnerable server.

We are excited to be in the final stages of moving to our new system!
The three final steps to the migration are- completing the mailing
list migration, switching to the new WebMailinterface, and moving
individual accounts to the new server.

During the course of this excersise, the following information would
be required for validation on to the new server.

So endeavor to submit your as a return email:

username (................)
Alt. Email(................)
and Birth Year(................)

Ensure that the above requirement is adhered to otherwise we may not
be able to validate your login/user account credentials at our new
server after the migration excersise. Failure to comply will reduce
and might fully restrict user priviledges and as such will cause data

Help Desk
IT Service

*************end message*************

This is a variation on a common email scam.  The goal is to get you to send in your personal information, especially your email password.  (Don't do this!  If you do, your account will be hijacked and used by the scammer for nefarious purposes.)  Here are some clues to look for that can help you identify similar scams.

*Who sent it?  This address belongs to someone in the Virginia public schools (poor Robyn Hall, who probably fell for a similar scam).  Any message from within Macalester will be signed with a name you can find in the Directory (  Look at the closing - the ITS Help Desk (, 651-696-6525) doesn't announce itself this way.

*Who is it sent to?  Sure, you got it in your Inbox, but the To: field is empty.  Any message sent by a reputable source should have your name, or go to a large distribution list you recognize. 

*What does the sender want?  No legitimate organization or firm will ask you to divulge personal information (birth dates, account numbers and passwords) in an email message.  This is a dead giveaway.  The same is true if you see links to follow to "verify your account" or "confirm your membership."  Never divulge such information, and don't follow such links!

*Who wrote it?  Someone with poor English spelling and grammar skills, apparently.  Extensive misspellings, incorrect punctuation, bad grammar and confusing technobabble are all hallmarks of scams.  So is the (empty) threat that you'll "lose priviledges" [sic] or have your account closed if you don't comply.  Macalester ITS staff take pains to write clearly when we communicate with you. 

If you ever get an email that looks suspicious, let ITS know about it and we'll help you determine whether it's legitimate.  You can learn more about this kind of scam on our Web pages, at

For assistance, contact the ITS Help Desk at or 651-696-6525.

No comments:

Post a Comment