Newest targeted phishing spam links to fake WebAccess login page

University Park, Pa. -- A new variant of a phishing scam targeting Penn State users in an effort to convince them to give away their password was circulating on Sept. 7 and the morning of Sept. 8.

This new variant appeared to come from "PSU.edu Admin," and the message begins with a warning about a PHISHING ALERT. Unlike previous targeted phishing messages, this one does not ask for an e-mail reply with the user's password, but includes a Web link to a phony Internet page which is designed to exactly mimic Penn State's WebAccess login page.

Several Penn State users have been reported to have found the phony Web page credible enough to have logged in with their Penn State access account ID and password. Those users are advised to go to the real Penn State access account management page and change their password at https://www.work.psu.edu/apps/work/work.php online.

Internet access to the phony Web site was blocked during the morning. However, users should be alerted that the scam is likely to be repeated using a different Internet address as long as users continue to fall for the scam.

For more information, contact ITS Helpdesk at helpdesk@psu.edu.

Last Updated March 19, 2009