Affordable Care Act Phishing Campaign and University Employee Payroll Scam.

Connectikpeople.co is aware of a phishing campaign purporting to come from a U.S. Federal Government Agency. The phishing emails reference the Affordable Care Act in the subject and claim to direct users to health coverage information, but instead direct them to sites which attempt to elicit private information or install malicious code.

Connectikpeople.co encourages users to take the following measures to protect themselves:

• Do not follow links or download attachments in unsolicited email messages.
• Maintain up-to-date antivirus software.
• Refer to the Avoiding Social Engineering and Phishing Attacks Security Tip for additional information on social engineering attacks.

If affected by the campaign, users should report the incident to appropriate parties within their organization and notify US-CERT.

In the same line, the Internet Crime Complaint Center (IC3) has issued an alert addressing a spear phishing scam targeting university employees and their payroll accounts. Scam operators use fraudulent e-mails and websites to entice employees to reveal login credentials.

Users are encouraged to review the IC3 Alert for details and refer to Security Tip ST04-014 for information on social engineering and phishing attacks.