Threat Watch

News and Announcement Archive ×

'Picture and video message MMS' Spam2013-05-22 11:09:23

Fake email messages with the title: "picture and video message MMS" have been arriving on campus. Do NOT open the attachment. Delete and ignore.more »

New Webmail Phishing Attack2013-04-23 14:33:20

There is a fake message purporting to come from 'webmaster@lancs.ac.uk' going round. Do NOT open it, do not reply and do NOT click on any links in the message.more »

Quota Size Phish Attack2013-03-11 12:40:18

An message to 'UCISA-ANNOUNCEMENTS' with a subject line: 'Quota size: 94.6% Warning !!!' is a phishing attack. Do NOT follow the link. Delete and ignore.more »

Webmail Phishing Attack2013-02-28 10:00:47

There is a new Webmail Phisging attack going round subject: "WEBMASTER EMAIL ACCOUNT UPGRADE". Do not follow the link and do not reply. Delete and ignore. more »

Background Record Phish2013-02-26 12:57:39

There is a new Phishing email going round that has the subject "Subject: Your background records may have been viewed (email address)". This is a Phishing attack - delete and ignore.more »

Fake Parcel Delivery Messages2013-02-21 10:45:55

There are a number of 'fake parcel delivery' messages appearing to come from companies like FedEx arriving in in-boxes on campus. Do not open the attached zip file - it contains a dangerous Trojan.more »

'Email Security Upgrade' Phishing Attack2013-01-30 10:44:23

eBay Phishing Attacks2012-11-13 16:17:40

Some people are receiving a lot of messages from eBay with titles like: 'Failed Payment' and 'Payment Processing Error'. These are Phishing attacks. Do NOT click on any links and do NOT reply to these emails. more »

Adobe Reader PDF Alert2012-11-09 16:53:16

There is an un-patched vulnerability in the Acrobat Reader PDF system that could allow infected PDFs to infect your PC with a damaging Trojan.

ISS advises users to be more cautious than usual when opening unsolicited PDFs in email or online.more »

UPDATE - AOL Blocking University Email2012-11-08 12:20:17

Friday 9th Nov - Mail delivery to AOL email addresses is now OK.

---

Due to a 'Trojan' infected PC sending out Spam to AOL addresses, the University has been blocked by AOL. Delays in outgoing mail to AOL are being experienced by users. Users will get an error message back if their email has not been delivered to an AOL address.

Users are reminded to be careful about clicking on unknown links in emails and opening/downloading attachments in suspect emails.more »

Vodafone New Message - Phishing Attack2012-11-06 13:13:20

Fake email messages with the subject: "You have received a new message" appearing to come from Vodafone are arriving on campus. Delete and ignore. For further information click on 'more'.more »

Facebook Spam2012-09-17 12:33:45

Email messages purporting to come from Facebook with the subject: "Your friend added a new photo with you to the album" (or similar) are being received on campus. These messages are fake and could be harmful. Do not open any attachments or click on any links. Delete and ignore.more »

New @lancaster Phish Attack2012-08-22 15:23:49

Messages with the subject: "Dear @lancaster.ac.uk Account Subscriber," are arriving in people's inboxes. This is a Phishing attack. Do NOT open the attachment. Click 'more>>' for details.more »

Banking Phish Attacks2012-08-06 11:02:13

When you get emails purporting to come from a bank asking for your account details. They will be fakes. These attacks vary in quality, but when you get a good one from your 'own' bank it can be tempting to respond. Do NOT open attachments. Do NOT click on any links. Do NOT reply to banking email. If you are concerned, contact your bank by other 'known means' for confirmation. Follow 'more' for an example.more »

Hotel Reservation Phish2012-08-02 14:59:15

Fake Hotel Reservation messages subject: "Reservation Confirmation [1845412], Thu, 2 Aug 2012 19:04:55 +0800", have been arriving on campus. Do not open the attachment. Delete and ignore.more »

Webmail Phishing Attack2012-07-31 15:51:24

Fake email messages, subject: "Warning Attention!! Activate! Webmail Quota Limint!" have been received on campus, warning users that they have exceeded their quota. Ignore the message, it is a scam.more »

More Spam Arriving On Campus2012-06-21 16:09:22

Currently, an increased amount of Spam is being received on campus. The senders, subject lines and content vary, but also resemble each other. ISS is investigating. Follow 'more' to see a sample.more »

Spam Attack apparently from yourself2012-06-18 16:35:20

A large number of messages with various subjects including: "New Company concerning itself with the advertising" and "Green technology,alternate methods of power" appearing to come from yourself are arriving on campus. Do not reply or follow any link. Note - the spammers are able to 'stuff' the recipients name into the 'from' field. This does NOT imply any virus infection.more »

DHL Spam Emails2012-05-24 16:16:07

Fake DHL parcel tracking messages have been arriving on campus. Treat DHL messages with caution. Do not open attachments or follow links in the DHL messages.more »

Fill Out Form Phish Attack2012-03-23 09:52:42

A fake email, subject: "Alert." and signed "Lancaster University" has been seen on campus. Do NOT fill out the form. Do NOT reply. Do NOT give out any personal information.more »

Targeted Phishing Attack2012-03-22 12:21:22

A fake email has arrived on campus, subject: "Update" and signed "Lancaster University". This is a targeted phishing attack. Do not follow the link or enter any personal information into any form that may appear. more »

Email Account Profile Phish Attack2012-03-21 10:40:17

An email, subject: "Urgent! Email Account Profile Update", has been received on campus. This is a Phish attack. Do NOT follow the link or enter personal information into any form that may appear.more »

Notification Desk Phishing Attack2012-01-04 11:14:19

A phishing attack message is arriving in mailboxes, subject: "This message is sent automatically by the computer." Do NOT fill out the form and do NOT reply to it.more »

Fake Student Finance Message2011-09-26 12:57:57

A fake messages about student finance, subject: "Unlock Your Student Finance Account Now", has been seen on campus. This is a phishing attack, do NOT follow the link or enter any personal data.more »

Phish attack - no subject2011-07-11 12:43:16

An email message with no subject, which claims to come from the 'Web Service Administrator' and states that you have reached your mailbox limit, is arriving in University inboxes. This is a Phishing Attack. Do NOT click on the link in the message.more »

Fake Facebook Admin Message2011-07-01 15:50:06

An email subject: "Facebook Administration has sent you a notification", is arriving on campus. This is a fake message. Do not respond in any way.more »

Phish Attack:: Notice2011-06-27 17:07:30

An email message with the subject: 'Notice' is arriving in University inboxes. It purports to come from 'webmasterr@lancaster.ac.uk'. This is a Phishing Attack. Do NOT click on any links in the email.more »

Phish Attack 'Account User'2011-06-16 17:09:16

A phishing email subject: "Dear Webmail Account User" is arriving in people's inboxes. Do NOT follow the link.more »

Phishing Attack 'Email Alert'2011-06-14 10:49:05

An email subject: "Email Alert", and purporting to be from 'Admin@lancaster.ac.uk' is arriving in inboxes on-campus. This is a Phish Attack. Do NOT reply or click on any links in the message.more »

Upgrade Your Mailbox Phish2011-05-10 11:03:24

An email message with the subject "Upgrade Your Mailbox" is arriving in University inboxes. This is a Phishing Attack. Do NOT follow the link. Delete the message.more »

Fake Order Scams2011-04-01 10:23:08

There are fake order Scams arriving on campus featuring 'mobile phones' and 'watches'. Do NOT click on links. Do NOT open attachments.more »

Webmaster Phish Attack2011-03-31 11:20:56

A fake email subject: "Lancaster University Webmaster." is arriving on campus. This is a Phishing attack. Do NOT enter your password. Do NOT reply. more »

United Parcel Service Phish2011-03-28 09:56:40

Fake UPS parcel notifications with the subject: "United Parcel Service notification 20512" have arrived on campus. This is a phish attack. Do NOT open the attachment. Do NOT enter your password into any form you may see.more »

Tax Rebate Phish2011-03-02 10:13:19

There is a fake email subject: "Tax Rebate" arriving in inboxes. The message is a phishing attack. Do NOT click on any links in the message. Do NOT enter your password into to any form you may see.more »

Don't put passwords in emails2011-02-24 12:40:40

Users are still compromising their IT accounts by providing their account details (usernames/passwords) in emails. Never answer email requests for your password. If you have replied to an email, giving away your password, contact the ISS Service Desk without delay. more »

Skype New Version Scam2011-02-24 12:29:18

A fake email subject: "New Version Skype Has Been Released ! Upgrade Available Now" is arriving in inboxes on-campus. It is a Scam/Phishing Attack. Do NOT follow the links or make payments for plug-ins.more »

Student Loan Phish 2011-02-18 14:16:30

A fake email subject: "Student Loan Account Locked!" is arriving on campus. It is a Phish attack. Do NOT click on the link in the message. Do NOT fill out any form you may see.more »

Webmail Validate Phish Attack2011-02-17 10:56:08

A fake email subject: "Validate Your Mailbox And Increase Your Quota" is arriving in inboxes on-campus. It is a Phish attack. Do NOT click on the links in the message. Do NOT fill out any form you may see.more »

Tax Refund Phish Attack2011-02-14 12:57:33

A fake Tax Refund message subject: "Tax Refund New Message Alert !" is appearing in inboxes on-campus. Do NOT open the attachment and do NOT fill in any form you may see.more »

Phishing Attacks2011-02-08 14:46:11

At the present time, ISS is once again dealing with a number of compromised IT accounts. This has been caused by members of the University revealing their usernames and passwords to 'phishing' attackers. If you wish to check whether an email is genuine, or if you believe that you may have responded to an email with your credentials or gone to a website and filled in a form for 'more quota' or similar then please contact the ISS Service Desk without delay.more »

Two Phish Attacks2011-02-03 15:11:48

Two current Phish attacks with the subjects: "Abuse" and "Yahoo!: Breaking News!" take Phishing iteslf as a theme. Don't be fooled. Do NOT reply. more »

ACCOUNT UPGRADE Phish2011-02-02 12:41:59

There is a fake email subject: "ACCOUNT UPGRADE" appearing in inboxes on-campus. This is a Phishing Attack. Do NOT open the message. Do NOT follow the link. Do NOT enter your password to any form you may see.more »

Above Your Limit Phish2011-01-31 15:39:08

Emails are arriving on campus with the subject: "20.9GB" claimming that you are "...above your limit which is 20GB." These message are fake and a Phishing attack. Do NOT reply. Do NOT click on any link in the message. more »

Tax Refund Phish Attacks2011-01-27 10:36:03

Fake email messages purporting to be from 'HM Revenue & Customs' with the subject: "-Tax Refund New Message Alert-" and "The contents of this email and any attachments are confidential and as applicable" are arriving on campus. Do NOT open the message. Do NOT open the attachment. Do NOT reply to the message.more »

Student Finance Phish Attack2011-01-24 09:52:44

Fake email messages purporting to be from 'Student Finance England' with the subject: 'Pending Messages !' have been seen on campus. Do NOT follow the links and do NOT enter your password.more »

Webmail Warning Phish Attack2011-01-18 11:56:08

Fake emails subject: "Warning Code: ACCOUNTHELPID67788980" have been arriving in campus inboxes. This is a phishing attack. Do NOT reply. Do NOT reveal your password.more »

Paypal-3D Phish Attack2011-01-17 10:22:34

An fake 'HM Revenue & Customs' email offering a payment refund with a subject: "Submit Your Payment Refund" is arriving on campus. It is a Scam or Phish - do NOT open the attachment.more »

Payment Refund Phish Attack 2011-01-17 10:19:33

An fake 'HM Revenue & Customs' email offering a payment refund with a subject: "Submit Your Payment Refund" is arriving on camps. It is a Scam of Phish - do NOT open the attachment.more »

Two New Phish Attacks2011-01-04 10:51:50

Two new phishing attacks emails have arrived this year with subject lines: "Webmail Account Verification(R)" and "Student Loan Finance Account Upgrade". Do not open the attachments or follow any links in either of these phishing attack messages.more »

Another Dangerous Phish Attack2010-11-23 14:32:27

Another phishing email subject: "You have reached the storage limit on your mailbox" is arriving oncampus. These 'phishing' messages are trying to get you to reveal your password. Delete and ignnore the phishing messages. Do NOT follow the link. If you do reveal your password please inform the ISS Service Desk as soon as possible.more »

Hotmail Blocks Uni Mail UPDATE2010-11-22 12:56:20

ISS have made changes to the University email infrastructure that are enabling the majority of email sent to Microsoft Hotmail, Microsoft Live Mail and external Microsoft Exchange systems to be received. ISS continues to monitor the situation.
-----
Due to people revealing their username and password to recent phishing attackers and their accounts subsequently being used to send out Spam, Microsoft is now blocking email from Lancaster University. More specifically, outgoing University email will not be received by Microsoft Hotmail, Microsoft Live and off-site Microsoft Exchange email addresses. The ISS mail team is working to get the University unblocked.more »

Uni Email Accounts Hijacked2010-11-19 11:18:28

Some people have responded to the recent phishing attack, subject: "Your mailbox has exceeded the allowed storage". Their accounts are being used to send out Spam one by one. If you think that you may have responded to this attack please contact the ISS Service Desk immediately.more »

Fake Webmail Message2010-11-18 10:27:24

Fake email messages subject: "Your mailbox has exceeded the allowed storage" are arring on campus. Do NOT follow the link in the message.more »

Phishing Attack: Admin Notice2010-11-04 16:30:25

A phishing attack subject: "Admin Notice (Important Message From Webmail Administrator)" is being received in a lot of inboxes on campus. It is a fake message 'phishing' for your account details. Do NOT follow the links or reply. Delete and ignore the message. more »

W32.Pilleux WORM2010-10-29 11:22:56

Also known as Mariposa & Butterfly Bot Net, the WORK spreads through file sharing, Microsoft Instant Messaging and Pen Drives.more »

Fake Tax Refund2010-10-21 09:30:36

A fake email, subject: "Tax Refund Notification" is circulating. Do NOT open the attachment.more »

Mailbox Full Phish Attack2010-10-18 15:23:28

There is a 'phishing attack' email subject: "Your mailbox is almost full" arriving on campus. Please ignore this email and do NOT follow the links in the message.more »

Fake Upgrade Notification2010-10-01 10:28:20

Email messages purporting to come from Adobe have been arriving on campus, subject: "ADOBE PDF READER SOFTWARE UPGRADE NOTIFICATION". The message is a phishing attack. Do NOT follow links or visit the site mentioned in the message. Delete and ignore.more »

University Email Blocked2010-09-29 15:49:25

Some legitimate University email is being blocked by external sites. People have been replying to recent email phishing attacks with their usernames and passwords. The attack perpetrators are using these 'phished' usernames and passwords to send out Spam from Lancaster University. This is causing the University to be reported as a source of Spam and blacklisted. We are now seeing our legitimate outgoing email being blocked by external sites such as: Lancaster City Council, the Open University and Hotmail.more »

Email Quota Phish2010-09-24 11:32:15

There is a 'phishing attack' email subject: "Admin Urgent Message (expand your email quota limit)" arriving on campus. Do NOT follow the links in the message. more »

Email Problem - RESOLVED2010-09-24 11:28:24

AMENDMENT - the email system will be normal after 11PM 24/09/2010 - [The 'Barracuda' Spam blocking service is blocking email from Lancaster University. Subscribers to the Barracuda service will not get our messages and the messages will be bounced back to us. The ISS Email team are working on getting the University 'unblocked'.]more »

Facebook Password Trojan2010-09-22 09:36:58

A fake email with the subject: "Facebook password has been changed" with an attachment: "Facebook_document_N4846.zip" is circulating. Do NOT open the attachment. Delete and Ignore.more »

Twitter Flaw RESOLVED2010-09-21 15:41:40

Twitter have RESOLVED the 'onmouseover' exploit. [Twitter has been 'infected' with 'tweets' that throw up 'popups' when you hover your mouse over an infected Tweet. At the time of writing the 'exploit' has mostly be used for 'fun' but this flaw could be used to place dangerous code on your computer.]more »

'Email Address' Attack2010-09-20 16:32:37

Trojan emails, subjects: "email addresses" OR "Report for you" OR "Notes from last week" containing an attachment with a name starting with a five figure number 43298(varies).html. Do not open the attachment.more »

Account Revalidate Phish2010-09-09 12:30:39

An email with the subject: "Important: Email Account Verification Update!!!" is circulating. This a phishing attack. Do NOT follow the link. Delete and ignore the message.more »

Account Owner Phish Attack2010-09-06 16:57:27

A phishing message with subject: "Dear LANCASTER.AC.UK Account Owner" is arriving in inboxes on campus. The message is a phishing attack. Do NOT reply. Delete and ignore the message.more »

Fake Account Notification2010-07-29 15:10:26

Fake emails with subject: "lancs.ac.uk account notification" and a dangerous Trojan in an attached file: "instructions.zip" are arriving on campus. Do NOT open the attachment. Delete and ingore the message.more »

Building Access Control Issues2010-07-26 12:51:21

The card acceess door locks on campus are currently not functioning correctly. ISS is working on the issue. Updates will appear here. more »

Facebook Appears 'Blank'2010-07-22 11:33:22

There is currently a problem with Facebook where users are seeing a blank page instead of the Facebook site. ISS have investigated and it appears that the problem is with Facebook. To workaround the problem users can visit http://www.facebook.com/home.php to access their Facebook account.more »

Statement of Fees Trojan2010-07-19 10:02:57

A dangerous email with the subject: "Statement of fees 2010" and a dangerous Trojan as an attachment, has been seen on campus. Do NOT open the attachment. Delete and ignore.more »

Trojan Attacks2010-06-21 14:35:00

Two varient messages carrying Trojans, subjects: "Love Is Like The Wind" or "How Much I Love You", have been seen on campus. Do NOT open the attachments. Delete and ignore.more »

New Webmail Phish Attack2010-06-21 09:20:22

A new Webmail phish attack, subject: "Dear Lancaster University Webmail User", is circulating. Do NOT reply. Do NOT give your password to anyone, especially by email.more »

Undetected Virus2010-06-04 14:46:34

A probable virus, not being detected by Symantec, has been seen arriving in users mailboxes. The email has an attachment named 'outlookupdate.zip.' Users should delete the email (and attachment) without opening it.more »

Fake Mailbox Setting Warning2010-05-07 13:44:39

A fake warning subject: "setting for your mailbox (address)@exchange.lancs.ac.uk are changed" is circulating. Do NOT follow the link.more »

Fake Amazon Message2010-05-06 10:12:49

A fake Amazon email message subject: "Your transaction has been processed" is circulating. It has a dangerous zipped Trojan attached. Do NOT open the attachment.more »

Fake Account Notification2010-05-06 09:47:07

A fake message with subject: "lancaster.ac.uk account notification" is circulating. It carries a dangerous Trojan in a zipped attachment. Do NOT open the attachment.more »

Symantec AntiVirus UPGRADE2010-04-09 17:38:23

On Managed Windows XP PCs between Tuesday 13th April and Friday 16th April 2010, ISS will upgrading Symantec AntiVirus 10 to Symantec Endpoint Protection 11. The upgrade will take place upon reboot, and so rebooting at the end of the day during this period is advised.more »

Webmail Upgrade Phish Attack2010-04-08 10:42:49

A number of fake emails with the subject: "Email Upgrade Alert" (or similar) have arrived on campus. The messages ask for you username and password. Do NOT supply your password and do NOT reply.more »

Sharepoint Move Tomorrow2010-03-26 12:26:58

On Saturday 27th March 2010 ISS is moving the Sharepoint server to the new building. Access to all public-facing Sharepoint websites, RSS services, Central (Faculty, Department and personal) Sharepoint sites - will be unavailable for up to 24 hours. The postgraduate.lancs.ac.uk recruitment portal will be unaffected. But this 'Home Page News' channel will be UNAVAILABLE during the move.. more »

|Threat Watch Archive|

|Display the 20 most recent Threats|

News and Announcement Archive ×

Threats

Help & Tools