One use of a hacked/phished email account is to send a request for help to everyone in the addressbook and more. Here's how one of those scams plays out...
Internet Skeptic Blog
Jun 8, 2016
On March 7 we received about 50 copies of a phish requesting a research article. The link provided went to a copy of the USU login page on a web server in India.
Feb 18, 2016
Don't let 'Locky' crypto-ransomware lock you out of your data. It may come to you in a malicious Word document macro.
The Social Security Administration is sending out its annual reminders and phishing scammers are right on their heels with fake copies, trying to get your SSN.
Dec 10, 2015
Overnight we received a fake account expiration email notice for the USU Library. The recipient is instructed to go to what looks like a Library login link that goes instead to a fake copy of the USU Login Page.
When browsing the web, keep an eye on the address displayed in the Address Bar of your browser. It can help you to stay out of the bad side of the web.
Jul 23, 2015
Do security experts protect themselves differently than regular users? Find out which group you match.
Jul 22, 2015
Spammers create Instagram accounts and may give your email address in hopes that you will respond positively to the Welcome message from Instagram. Then the spammer will spam and spread malware with the account that you seem to own. Do not confirm those unexpected Welcome messages from Instagram.
Here's a visual summary of common words in phish message subject lines and what email host was used to send the message over the past two years.
Securing USU's confidential data is increasingly important. Regulations, fines, legal liability and the trust of our students and employees all demand our best efforts to protect confidential data.