HKU Computer Centre HKU Computer Centre
Beck to home page   

Help | FAQ | News | ICT for Teaching & Learning | Advisory Groups | IT Strategies | Annual Reports
 

Spoofed Email - Fraudulent E-mail Account Termination Notice

    1. What is Email Spoofing?
    2. What Can You Do to Protect your PC?

1. What is Email Spoofing?

HKU's staff and students may be receiving fraudulent e-mail notices about e-mail account suspension. These are fake notices from a spoofed email address, not from the Computer Centre. A sample notice may read:

Dear Hkucc member,

We have temporarily suspended your email account abcd@hkucc.hku.hk.
To resolve the problem, you should read the attached document".

Sincerely,The Hkucc Support Team

The above is a fake notice from a spoofed email address and NOT from the HKU Computer Centre. Do not open any such attachments or click any hyperlink as a virus or spyware may be introduced into your PC.

Users are alerted that such fake mails often use the recipients' domain name to trick the recipients into believing the messages are authentic. The following (and others) are fake email addresses:

webmaster@hkucc.hku.hk
admin@hkucc.hku.hk
support@hkucc.hku.hk
services@hkucc.hku.hk

In previous articles from the Computer Centre, we have cautioned our users against email spoofing, phishing and spyware.

If your PC is infected by one of these spyware, you will be the next phisher (without your knowing!). You will be sending spoofed messages to others on the Internet, and asking them to go to a spoofed website on the HKU network. This will endanger the network security of the HKU network and will cause your account to be suspended immediately.

 

2. What Can You Do To Protect your PC?

1. Perform Windows Update once a month to download and install the latest security patches by clicking the Windows "Start" button => "Windows Update". This action would close all the un-used open ports (vulnerabilities) which can be exploited by spammers and spies to implant a spyware into your computer.

2. Install Anti-virus or anti-spyware. Update your virus definitions daily and set scheduled scans of your PC. Microsoft has responded to this issue by releasing the beta version of Microsoft Windows AntiSpyware. Click here for downloading the free software. See our FAQ for other sources of anti-spyware.   

3. Do not open any suspicious email attachments even from people you know because the senders' names can be spoofed. You can verify the attachment with the sender first or scan the attachment before you open it.  

4. Do not give your email address to any internet subscriptions unless you know they are a trustworthy site. Many unscrupulous merchants sell their email addresses for a profit.

5. You may report phishing to the Anti-Phishing Working Group.

 
Copyright 2011 Computer Centre, The University of Hong Kong
Comments to ithelp@hku.hk