Michigan State University
On Friday, October 18, two employees reported receiving email confirmation of a change in their direct-deposit designation. Police say that valid credentials (MSU NetID and password) were used by a perpetrator to modify the employees’ banking information on the Payroll system. It is believed that the perpetrator gained access to the credentials through a sophisticated “phishing” attack.
Here is the Alert: http://police.msu.edu/crimealert10202013.asp