Phishing Attack "The Duke! Helpdesk" (July 7, 2013)

Sunday evening, a new phishing attack targeted Duke purportedly from the "Duke! Helpdesk". The message claimed to be automated and in response to a detected login from an unrecognized device providing both a timestamp and IP address. A non-Duke URL was provided asking the recipient to review their account.


The message is captured in the screenshot below (notice the non-Duke URL):



And for any who clicked through to the Webs hosted form, you're presented with the following:



As the attack hit afterhours over the holiday weekend, we suspect the likelihood of compromised accounts to be greater. If you or someone you know have provided your account credentials to the form, please notify the OIT Service Desk or the IT Security Office as soon as possible.


OIT Service Desk


IT Security Office