Front Page

CONTENTS

Job Ops

CrimeStats

Between Issues

Campus Safety and Security


Almanac Homepage

Staff Box

Phony Computer Advice: A Scam

A campus e-mail user received the following e-mail message (names have been changed):
From: root@mailhost.upenn.edu
To: user@mailhost.upenn.edu
Subject: Local Files Protection
To Users of the mailhost.upenn.edu system:
Please note that you could protect your files stored in your directories. Simply go to unix shell and type the command "chmod 644".
 

System Manager

 
The message was a forgery, and was not sent by the system administrator. If the user had followed the advice, then possibly anyone on the system would be able to read all of her files and e-mail.
Other scams in the past have included the following:
-- Someone gets a message instructing them: "type this...it will make your computer run faster." The commands, if entered, would let anyone log onto the account.
-- Someone phones saying they are from the computer center, with some story (e.g., "You've exceeded your disk quota, and we need to allocate more space for you."). They tell you a new password, and ask you to reset your old password to this new value. Once you hang up, they have access to your account.
 
Please be wary of unsolicited technical advice. A couple of points bear repeating:
  • Be careful typing things into your computer that you don't understand. When in doubt, check first with your system administrator or local support provider.
  • If you have doubts about the identity of a message author, check with the person by phone or in person. E-mail can be forged very easily.

-- Dave Millar,

University Information Security Officer


Return to:Almanac, University of Pennsylvania, March 17, 1998, Volume 44, Number 25