Notification of Server Breach Mistaken For Phishing Email

Posted by samzenpus on Wednesday February 20, 2013 @09:01PM from the it's-not-what-you-say-but-how-you-say-it dept.

netbuzz writes "Educause members and 7,000 university websites are being forced to change account passwords after a security breach involving the organization's .edu domain server. However, some initially hesitated to comply because the Educause notification email bore tell-tale markings of a phishing attempt. 'Given what is known about phishing and user behavior, this was bad form,' says Gene Spafford, a Purdue University computer science professor and security expert. 'For an education-oriented organization to do this is particularly troubling.'"

2 of 65 comments (clear)

Min score:

Reason:

Sort:

Trivial by Arancaytar · 2013-02-20 22:04 · Score: 1, Informative

Just ignore the links in the email, go to the website you know to be real, and change your password.
1. Re:Trivial by ACalcutt · 2013-02-21 01:00 · Score: 3, Informative
  
  The link to reset the password in the email went to educause-domain.informz.net that redirected to net.educause.edu. This particular email did seem a little suspicios