SECURITY ALERT: Widely distributed phishing scam (redux)

[NOTE: We are resending this security alert due to reports of a new wave of scam email following the same pattern.  The difference between the previous messages and the current wave of messages is primarily the sender address; the more recent fraud appears to originate from a Daniel M. Schmidlin with a CentralMethodist.edu domain address.]

=============================

CSIT has received numerous reports within the past hour of a new phishing scam targeting NWU mailboxes. The volume of reports indicates that this is an extremely wide spread attack and that it has been structured to evade our email filters.

The scam is a message which purports to have been sent on behave of Dr. Ohles (NWU President) and includes an attached PDF file with the name “Nebraska Wesleyan University.PDF”.  The message claims that the attached PDF is mandatory reading for all full or part-time employees regarding guidelines for behavior.  The message appears to be sent from a non-NWU account with the name David Cowburn and an email address in the domain “Einstein.yu.edu”.

If you have received this message, please delete it from your mailbox.  Do not attempt to open the PDF attachment or, if you have, do not attempt to follow any links which the document might present.  The message is a fraud, intended to entice those receiving it into surrendering confidential information.