Banner Web (Banweb) password phishing - "Incident where your NETID was compromised"


From: [redacted] Security <>
Date: Sun, Oct 20, 2013 at 1:51 PM
Subject: [redacted] incident where your NETID was compromised
Your account may have been compromised as it was accessed from a blacklisted IP in Arizona on Sunday, October 20, 2013. The suspicious login details are shown hereunder:

Access Location: Phoenix, Arizona
IP Address:

ISP: Nobis Technology Group, LLC
Host Name:
Time of compromise : 1:06PM, Eastern Daylight Time (EDT) -0400 UTC

Did you access your account from this location? If this wasn't you, your computer might have been infected by a malicious malware unnoticed. To protect your account from any further compromise, kindly follow these two steps immediately:
1. Follow this ITS secure link below to reconfirm your login details and block the suspicious IP ( from further future compromise

http://netid-[redacted].edu/blockIP&malware <[redacted].edu/login/Login.htm>

2. Scan your PC immediately to remove all malware and any other malignant viruses

With these two steps taken, your account will be secure.

Serving you better,

ITS and Database Security

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.