Local University Student Victim of a Global Phishing Attack?
A reader who wanted to remain anonymous wrote in to us with a rant that her student account had recently been compromised. While she did not reveal which university she was from, she mentioned that she had received an email one day which was supposedly sent from her university. The email had apparently directed her to the school’s website to update her particulars. It was only moments later when she was unable to login to her student account, that she realized that her account had been compromised.
According to local news, Singaporean universities are among targets of a global phishing attack directed at universities and educational institutions. A phishing attack is one in which a user’s login credentials are stolen by way of misleading them to login to a spoofed/fictitious version of the original website.
Just yesterday morning on 30th Oct, the NUS Office of Alumni Relations sent out emails to students warning them that the university had detected evidence of phishing attacks directed at its students.
The modus operandi of the phishing attack involved sending emails to students reminding them to either return borrowed books which are due soon, or to extend the length of their book loan, and directs them to a spoofed/fictitious NUS library portal website. The user’s login details are stolen after they login to the website, and later used to gain access to the university’s library resources, including academic research and intellectual property.
NUS has since reminded its account users to report any instance of these phishing emails, and to be cautious about not accessing any website with URLs not ending with nus.edu.sg, and that the university’s library portal is only accessible via libportal.nus.edu.sg.
According to NUS’s media spokesperson, these series of worldwide phishing attacks were discovered by the university on 15th Oct. The university’s I.T department is currently conducting a thorough internal investigation of the matter, and assessing the impact/damage of this phishing attack.
The spokesperson added that the phishing attack appears to be targeted at the accounts of students and alumni members. So far there has not been any reports of any university accounts being compromised, but the university is closely monitoring the situation for any further developments.
Editor's Note: Do you have a story to share? Please use our Submission Form or email us.If not, why not give us a 'LIKE'
Ping me on WhatsApp