Notice from Information Technology on recent email "phishing" attacks


DATE ISSUED: September 2, 2013
SUBJECT: Targeted Spear-phishing Attacks Against NYS
The EISO’s Cyber Security Operations Center has been provided information from a trusted third party that NYS is being targeted in a series of spear-phishing attacks.  These attacks appear to be designed to capture accounts and passwords for email accounts.  The information provided at this time indicates that the actors initiating these attacks  have established websites that mirror legitimate webmail password change pages to trick a user into entering his or her credentials.  The spear-phishing emails are sent from accounts that, at a glance, appear to be legitimate helpdesk or IT support accounts.  The emails are likely to include text that suggests the user’s password is expiring or needs to be changed.  The specific sources, methods, and details of these spear-phishing emails are very likely to change rapidly and, consequently, it is essential that all staff be aware of the ongoing threat of spear-phishing attacks and be able to recognize such attacks.  Privileged accounts such as those relating to content management and those of systems administrators are likely to be a major target for these attacks, although any account will provide the attacker with access to the network.
It is recommended that this information be distributed to all staff.
We recommend the following actions be taken:
·         Remind users not to visit un-trusted websites or follow links provided by unknown or un-trusted sources.
·         Remind users not to open email attachments from unknown users or suspicious emails from trusted sources.
·         Users should check the from address for a complete email address to ensure it is from a valid source.
·         Users should check URLs before entering account information to ensure they are on the correct website and were not redirected.
·         Do not reuse passwords for multiple accounts.
·         Review email forwarding rules if you believe you have been compromised.
·         Any suspicious email related to password changes should be forwarded as an attachment to for analysis
New York State Office of Information Technology Services (ITS)
Enterprise Information Security Office (EISO)
1220 Washington Avenue
State Office Campus Building 7A
Albany, NY 12242
Visit DHSES online at:
Visit NY-ALERT online at:


Last modified: Jan 31, 2014

IT Systems Status

Don't bite on "phishing" email!

Systems Status Explained

  • ITR Work Order
  • In Your Class
  • Student Resources
  • Campus Map
  • CUNY Portal
  • Gartner
  • Textbook Savings