14 DAY TRIAL // Internet users should beware of fake Aureus University emails. Cybercriminals are using them to lure internauts to a phishing website.
The emails identified by millersmiles.co.uk bear the subject line “Aureus University Recruitment and Liaison Services” and they purport to come from the Aureus University School of Medicine Admissions Office.
“I believe you are well! Kindly View the document I uploaded for you using Google drive. CLICK HERE and sign in securely to view, It's very Important. Thanks,” the emails read.
The contact information contained in the bogus notifications, including the university’s address and phone number, are legit. However, that’s not what this scam is all about.
The links from the emails don’t point to Google Drive. Instead, they lead victims to a phishing site that’s designed to replicate Google Drive. The phishing page is hosted on a legitimate website that has been hijacked by the cybercrooks.
Here, users are asked to log in to their accounts in order to see the document. The cybercriminals don’t want only Google credentials, so they allow victims to “log in” with their Yahoo, Windows Live, AOL or other credentials.
After the information is entered, the data is sent back to the attackers’ server, and the victim is redirected to the genuine Google login page. By redirecting victims to the genuine site, the phishers hope that they’ll avoid raising any suspicion.
If you come across such emails or such websites, be careful! Always remember that the official websites of major companies have HTTPS enabled to make sure their customers’ information is transmitted securely. If the HTTPS is missing, you’re likely dealing with a scam site.
If you’re a victim of this scam, change your passwords before the crooks get the chance to abuse the stolen information.