The University of Illinois continues to experience negative impacts from ongoing phishing attacks.
CITES staff has implemented new technical solutions that not only help slow the spread of these attacks, but also lessen the damage that can be caused by accounts that have already been compromised.
We have made some headway. Both the number of compromised accounts and the damaged caused by these accounts has lessened. At this time we are still being blacklisted, as we've had an exploited account in the last 24 hours.
We cannot say so conclusively, but circumstantially it appears that hackers are sitting on a number of compromised illinois.edu accounts. When the password to an account they have been using is reset, they simply move on another account on their list. At this point we have no way to tell the number of compromised accounts, when they were compromised, or to whom they belong.
Anyone with an @illinois.edu email address should change their password to a password that has been never used before. By doing this, even if the old account credentials were in the hands of a hacker, the brand new password would mitigate the danger. The old information could no longer be used by the hacker.
@illinois.edu account information can be changed using the CITES Password Manager.