Affordable Care Act Phishing Campaign and University Employee Payroll Scam.
Connectikpeople.co is aware of a phishing campaign purporting to come from
a U.S. Federal Government Agency. The phishing emails reference the Affordable
Care Act in the subject and claim to direct users to health coverage
information, but instead direct them to sites which attempt to elicit private
information or install malicious code.
Connectikpeople.co encourages users to take the following measures to
protect themselves:
- Do not follow links or download attachments in unsolicited email messages.
- Maintain up-to-date antivirus software.
- Refer to the Avoiding Social Engineering and Phishing Attacks Security Tip for additional information on social engineering attacks.
If affected by the campaign, users should report the incident to
appropriate parties within their organization and notify US-CERT.
In the same line, the Internet
Crime Complaint Center (IC3) has issued an alert addressing a spear phishing
scam targeting university employees and their payroll accounts. Scam operators
use fraudulent e-mails and websites to entice employees to reveal login
credentials.
Users are encouraged to review the IC3 Alert for details and refer to Security Tip ST04-014 for information on social engineering and phishing attacks.