An e-mail recently sent to students warning them to update their online account records for the U.S. Bank National Association has been deemed illegitimate, a member of University Computing Services said.
David Powell, UCS lead systems manager and security engineer, traced the message to a small-time hacking group out of Pusan, South Korea.
"This definitely isn't a worm-generated message," Powell said. "Typically, when you get this kind of information outside of the U.S., it's a hacking group. Most likely, it's some group of people who just set up this Web site hoping against hope that some people will fall for it."
The fake e-mail, titled "Online banking issue," issued a warning that its recipients' account information needed "to be updated due to inactive members, frauds and spoof reports." The message requested that the recipients spend five to 10 minutes to renew their records, warning that failure to update their records would result in account suspension. According to the message, notification for the update would expire Thursday.
The e-mail then provided a link to a "U.S. Bank Internet Banking" page, which asked for each customer's credit card number and expiration date, ATM pin number and Social Security number. The page linked to several legitimate "U.S. Bank" Web sites, though the page itself was fake.
Powell said the e-mail was sent through a process known as "phishing," in which the message is human-generated as opposed to worm-generated. He said he was able to determine the e-mail's illegitimacy after he looked at the link and realized that the page it sent people to had a straight IP address, which is uncommon for online banking sites. The Web page also had no "https" encrypted message, verifying its illegitimacy, he said.
Powell referred to the American Registry for Internet Numbers (ARIN) Web site, which was able to track the IP address to a Web-hosting company in Pusan. Powell also said that a person identified as K. Tseobusanjisa was in charge of the company, though Tseobusanjisa did not necessarily play a role in the "phishing" process.
He said members of the Web-hosting company most likely came together as a small-time hacking group and were able to use the e-mail addresses they knew of several faculty or students currently visiting Ball State. They most likely used such addresses to send their message to the United States, he said. Powell said in such cases, the FBI is eventually able to catch up with the group and close them down.
Amy Frantti, vice president of media relations for U.S. Bancorp, parent company of U.S. Bank, said when she first heard about the illegitimate e-mail Monday, she was concerned. She said she was confident the bank did not play a role in the scam and that current customer information has not been tampered with.
"We would never jeopardize our customers' accounts," Frantti said. "We would never ask them for information we already have."
Powell said he sent an e-mail to students and faculty Monday night, detailing what the Ball State community should do to guard itself against future "spam" messages. For example, students and faculty can upgrade their Outlook e-mail client to the 2003 version and enable "Junk E-mail Filtering," he said.
UPD police chief Gene Burton said he advises students and faculty to simply delete and ignore the junk mail they receive and to contact UPD if they do open a message they believe might be fraudulent. People should also avoid giving personal information over the Internet and should contact companies who send them e-mails to determine whether they are valid, he said.--2)+â-ä+â-ì+â-Ä-ú-¿-ó--,+â-û(iS+â-++â-+Kx`:-+--$y:Jz-+%+â-ñ+â+â-ƒmb-+---ú+â-ÇSn?-¦+â-í"0+6|"+â-êQ+-+R<~+â-äK+â-Ä"+â-ä@;-¬+â-+i-¼+â-¬+â-+&2D4+â-¦j+â-++â-ê>(* +â-ƒ+â-â-¿+â-û?"*"Y+â-Öz*@?'+â-++â-¡"-¬'+â-Ç2B'&'"+â-ähQ^#nBC+â-ƒ-¬-¿+â-£@ -»<-+-¦-¦-¿c*%-¦Z+â-ÿ,+â-ä+â-ÿ+â-Ñ+â-¦-«j-º"3A+â-ïZh+â-+sL+â-ñ+â-¿+â-ä+â-¬k+â-¡+â-ÇUp"+â-Å|+â-»+â-¡+â-¡ +â-ìo&RX~+â-ï+â-Äd+â-ÿT+â-ì_B+â-++â-ƒ)-¦a-¬l-¦N_PG2_scam_4/27DNEditorial--2-++â/+â-ª2AUDT
+â-ä-+|
Read More
Three Air Jam teams take home the win
October 12, 2012Nineteen teams shimmied, shook and flipped for a sold out John R. Emens Auditorium on Thursday night during the 25th annual Air Jam.
Bill Clinton Speaks at North Central High School
October 12, 2012Former President's Speech Could Have Effect on State Senate Race
