A reader has sent the following screenshot of an email sent by the National University of Singapore (NUS) on 16 July.
In the email sent by the university, students and staff were warned not to click on phishing emails which are said to be from compromised NUS accounts.
A phishing email is an email that is designed to obtain sensitive information through fraudulent means, that is, by pretending to be a legitimate person or business.
The email says:
Over the weekend, we detected a series of highly targeted phishing emails being sent to many NUS staff and students. Most of those were sent from compromised NUS accounts, and crafted using existing email subjects which the recipients were familiar with. By using these techniques, the phishing emails were made to appear more authentic, and resulted in more users falling prey.
Below is a sample of the phishing email for your reference. The link in green (“Click here to view message”) would bring you to a website requesting you to enter your NUSNET credentials. DO NOT click on this link or any other links from suspicious emails. Please also report each phishing emails immediately by using the “Report Phishing” button. Alternatively, you may contact IT Care at 6516 2080 or [email protected]
Also, if you responded to any such email or have clicked on any link in the email, please change your NUSNET password immediately.
This is not the first incident involving phishing emails at NUS.
The university experienced a spread of phishing emails after computer science research fellow Prosanta Gope clicked on a link in a phishing e-mail, which then resulted in more of such emails being sent out to other colleagues, according to Channel NewsAsia.