Phishing Attacks Targeting Duke (November 11, 2012)

Over the weekend of November 10-11, a phishing scam was launched against many duke.edu email addresses. The message was entitled "Read This" and requested the user to "Click Here" to update their mail account.  

 

If you click on the link, you are taken to a non-Duke site and asked for your Duke netID and password.  The site looks very similar to Duke's WebMail site, but it is a fraud, as indicated by the website's address: "nawao.5gbfree.com." 

 

If you submitted your credentials to this form, please contact the OIT Service Desk or the Duke IT Security Office immediately.

 

OIT Service Desk:

(919) 684-2200

help@oit.duke.edu

http://oit.duke.edu/help/

 

Duke IT Security Office

security@duke.edu

https://security.duke.edu

 

The message looks like the following:

 

 

The fraudulent site looks like the following: