Phishing Scam 2019.10.15 - Dartmouth Services - ITC Ticket ######## - Incident Ticket Created

Date and Time First Identified

  • 6am on October 15, 2019

Phishing Method

  • Email spoof of Dartmouth Services identifying an account issue and requesting credentials.
  • Email is formatted to look like Dartmouth Services notifications.

User Response

  • DO NOT SUPPLY CREDENTIALS
  • Delete and empty trash

Sample Unformatted Email

From: Dartmouth Services <Services@dartmouth.edu>
Date: Tue., Oct. 15, 2019, 6:16 a.m.
Subject: ITC Ticket #11059488 - Incident Ticket Created
To:


----TEAMDYNAMIX DO NOT ALTER OR REMOVE THIS CODE----
1tMH75VyrB2X21EMnt8FSpIfyyztLkpAo+

*** Please reply to this message directly.

ITC Ticket #11067197 - Incident Ticket Created

Your ticket # "11067197" has been created.

 

Ticket Summary

    Status: New
    Classification: Incident

    Short Description: Emergency System Maintenance / Account Migration, Quarantine and Protection Exercise

    Full Description: Our system has detected an irregular activity related to your Dartmouth account. As a precautionary measure, we will temporary block your account and we should be moving it to our backup server and we need your help to do this effectively otherwise you may lose your login information and data at the end of the clean-up process.

    To regain and secure access to your Dartmouth account, kindly confirm the below requested information to enable us migrate your Dartmouth account to our new Symantec Endpoint Protection Communication software and register it to a new SPAM filtering service which will improve your Firewall Email Security Overview and the ability to identify and  block Spam/Phishing attempts automatically and other undesirable messages that flood our email
    server on a daily basis..

    Click on the "reply" button and Confirm your Dartmouth details below;

         *NetID:
         *Password:
         *Email id:

    Note: We will Permanently deactivate and delete your Dartmouth Account if you do not adhere to this notice immediately as part of our Inactive Accounts clean-up process to enable service upgrade efficiency.

    Responsible Group - Person: Desktop Admin - Desktop Admin
    Requestor: Dartmouth Information, Technology & Consulting (ITC)
    Priority: Medium
    Due Date:

Links to Ticket Details

LINKS HAVE BEEN SCRUBBED

To comply on this item, reply to this email.

----TEAMDYNAMIX DO NOT ALTER OR REMOVE THIS CODE----
1tMH75VyrB2X21EMnt8FSpIfyyztLkpAo+

Details

Article ID: 89329
Created
Tue 10/15/19 8:57 AM
Modified
Mon 11/11/19 1:50 PM