Campus Safety and Security
Phony Computer Advice: A Scam
- A campus e-mail user received the following e-mail message (names have
- From: firstname.lastname@example.org
- To: email@example.com
- Subject: Local Files Protection
- To Users of the mailhost.upenn.edu system:
- Please note that you could protect your files stored in your directories.
Simply go to unix shell and type the command "chmod 644".
- The message was a forgery, and was not sent by the system administrator.
If the user had followed the advice, then possibly anyone on the system
would be able to read all of her files and e-mail.
- Other scams in the past have included the following:
- -- Someone gets a message instructing them: "type this...it will
make your computer run faster." The commands, if entered, would let
anyone log onto the account.
- -- Someone phones saying they are from the computer center, with some
story (e.g., "You've exceeded your disk quota, and we need to allocate
more space for you."). They tell you a new password, and ask you to
reset your old password to this new value. Once you hang up, they have
access to your account.
- Please be wary of unsolicited technical advice. A couple of points
- Be careful typing things into your computer that you don't understand.
When in doubt, check first with your system administrator or local support
- If you have doubts about the identity of a message author, check with
the person by phone or in person. E-mail can be forged very easily.
-- Dave Millar,
University Information Security Officer
Return to:Almanac, University of Pennsylvania, March
17, 1998, Volume 44, Number 25