Phishing Attack - "Wells Fargo: Customer Support - New message" (Sept 09, 2013)

Periodically we receive reports of phishing attacks that aren't specifically targeting Duke but are still of concern to our communities. We've reported on similar attacks in the past. Monday, 9/9, we saw purported Wells Fargo Customer Support emails. These types of attacks are generally meant to gleam financial/banking accounts but while some may share credentials between accounts, there is the possibility of providing both banking and Duke credentials.

 

The email(s) circulating on Monday appeared as the screenshot below:

 

As noted by the captured mouse over of the hyperlink, the destination is a Russian domain that is obviously not associated with Wells Fargo. The destination appears to be down and therefore we could not capture the form. We do advise anyone who may have seen this email and visited the link to provide credentials to immediately update their account info related to the info provided. If your account info shares Duke credentials, we ask that you please contact the OIT Service Desk at 919.684.2200 to gain assistance with updating Duke accounts.