Fraud Alert - Email Scams & Phishing

Some GCI customers have received fraudulent email messages asking them to verify account passwords. This is an attempt to steal your login information.

GCI IS NOT SENDING THESE EMAILS and would never ask our customers to send private or secure information in an email.

We have posted some examples of fraudulent emails (phishing attempts) below.

If you receive an email like the any of the ones below, please do not respond, simply delete it.

This is the latest Phishing attempt email being reported to GCI by our customers. This email appears to be from GCI.Net Support. GCI is not sending these and will not request your information via an email! Again, this is a phising attempt, just delete the email!

From: support@gci.net [mailto:support@gci.net]
Sent: Monday, May 04, 2009 3:05 AM
To: undisclosed-recipients:
Subject: CONFIRM YOUR EMAIL ACCOUNT

Dear Gci.net Subscriber

We would like to inform you that we are currently carrying out scheduled maintenance and upgrade of our webmail service

and as a result our email client has been changed and your orignal password will be reset.

We are sorry for any inconvennience caused.

To complete your Gci.net account, you must reply to this email immediately and enter your password. Failure to do this will immediately render your email address deactivated from our database.

User Name:
Password:

Thank you for using Gci.net webmail IT Gci.net THE TEAM "

Other examples below. Again these are phishing attempts. Just delete these types of emails, if they get through your email filter.

Dear gci.net User,

We have noticed an unauthorized attempt to change your gci.net password from
a foreign IP. This was going to result to your inability to access your
account due to the password change. If you know you are the authorized owner
of this account, kindly reply by providing your original username (*******)
and PASSWORD (*******) so as to protect your ID and password from
unauthorized access.

Failure to do this will violate the gci.net email terms & conditions.

Thanks for using gci.net

The gci.net Tech Support.

From:       support@gci.net
Subject:                Account Upgrade/Maintenance All Gci Webmail Accounts
Date:      March 18, 2009 1:03:16 AM AKDT
To:            undisclosed-recipients: ;
Reply-To:                iol.support.team09@gmail.com

Gci Technical Support

-----------------------------------------------------------------------------------------------------------

Attn. Gci Webmail Users,

Account Upgrade/Maintenance All Gci Webmail Accounts

We regret to announce to you that we will be making some vital maintenance on
our Gci Webmail account. During this process you might have login problems in
signing into your Gci account, but to prevent this you have to confirm your
account immediately after you receive this notification.

To confirm and to keep your Gci Webmail account active during and after this
process, please reply to this message with the below account information's.
Failure to do this might cause a permanent deactivation of your Gci webmail
account from our database to enable us create more spaces for up coming
subscribers.

To confirm your account, send your Gci webmail account stating:

email address:
Password:

Your Gci account shall remain active after we have successfully confirmed and
upgraded your account.

Thank you for your swift response to this notification we apologize for any
inconvenience.

 

Gci Technical Support

Copyright 2009 - Gci Communciations - All Rights Reserved.

Other examples below. Again these are phishing attempts. Just delete these types of emails, if they get through your email filter.

Subject: Dear Subscriber
Date: 3/11/09 4:00:45 AM
From: "The Gci.Net email support team" <an email address, can be any email address> To:info@gci.net

Dear Subscriber

We are currently carrying out maintainance on our GCI.NET email database. To complete this process you must reply to this email immediately and enter your Username here (**********) And Password
here(**********) if you are the owner of this account.

This process will help us to fight against spam mails Failure to summit your password, will render your email address in-active from our database.
NOTE: You will be send a password reset message in next seven (7) working days after undergoing this process for security reasons.

Thank you for using Gci.Net!
The GCI.NET email support team.

----------------------------------------------------------------------------------------------------------

Again the email below is a phishing attempt, DO NOT respond to the email, just delete it!

From: support@gci.net [mailto:support@gci.net]
Sent: Tuesday, February 24, 2009 2:04 PM
To: undisclosed-recipients
Subject: Please confirm your GCI.net email account

Dear GCI.net Email Account Owner,

This message is from GCI mailing center to all our GCI email account owners. We are currently upgrading our data base and e-mail account center. We are deleting all unused email account to create space for new accounts. To prevent your account from being deactivated you will have to update it.

CONFIRM YOUR GCI EMAIL ACCOUNT
Email Username:
Email Password:

Warning!!! Account owners that refuses to update his or her account within seven(7) days of receiving this email will lose his or her account permanently.

Thank you for using GCI.

Warning Code: UCRV08MT1

Thanks,
GCI Team.

----------------------------------------------------------------------------------------------------------

Example Phishing Email

From: support@gci.net [mailto:support@gci.net]
Sent: Sunday, January 25, 2009 4:16 PM
To: undisclosed-recipients
Subject: Please confirm your GCI.net email account

Dear GCI.net Email Account Owner,

This message is from GCI mailing center to all our GCI email account owners. We are currently upgrading our data base and e-mail account center. We are deleting all unused email account to create space for new accounts. To prevent your account from being deactivated you will have to update it.
CONFIRM YOUR GCI EMAIL ACCOUNT
Email Username:
Email Password:

Warning!!! Account owners that refuses to update his or her account within
seven(7) days of receiving this email will lose his or her account permanently.
Thank you for using GCI.

Warning Code: UCRV08MT1

Thanks,
GCI Team.

-----------------------------------------------------------------------------------------------------------

Example Phishing Email

From: An address [mailto:username@gci.net]
Sent: Tuesday, December 30, 2008 4:30 AM
To: Your Name
Subject: wqjbd lagpaoa@gci.com; Get Ready for the New Year bttv

This message contains images. If you don't see images, click here to view.

----------------------------------------------------------------------------------------------------------

Example Phishing Email

Dear GCI Subscriber

We are currently carrying out maintainance on our GCI email database. To complete this process you must reply to this email immediately and enter your Username here (**********) And Password
here(**********) if you are the owner of this account.

This process will help us to fight against spam mails. Failure to submit your password, will render your email address in-active from our database.

NOTE: You will be send a password reset message in next seven (7) working days after undergoing this process for security reasons.

Thank you for using GCI!
The GCI Support Team.

-----------------------------------------------------------------------------------------------------------

Example Phishing Email

From: <mygci@gci.net>
To: <:undisclosed-recipients>
Sent: Monday, July 28, 2008 5:22 AM
Subject: Update Your GCI E-mail Account

Dear GCI Users.

The reason for this message is because of the Email Scams & Phishing going on the GCI Network. We have decided to contact all our clients and staff to provide their password so that we can confirm the active users and to de-activate the inactive user. We regret the inconveniences this might
have cost
you.

Please provide us with the below details.

• Username:
• Password:

With the above details we can verify active my.gci.net account.

Copyright ©2008 GCI Alaska.
868-0316 (Anchorage)
1-800-800-4800(Statewide)
Hours: open 24 hours a day, 7 days a week, 365 days a year !

-----------------------------------------------------------------------------------------------------------

Example Phishing Email

From: GCI SUPPORT TEAM <support@gci.net>
Date: February 17, 2008 7:40:30 AM AKST
To: undisclosed-recipients: ;
Subject: IMPORTANT NOTICE FROM THE GCI SUPPORT TEAM
Reply-To: gciactive@gmail.com

Dear Gci Subscriber,

To complete your gci account, you must reply to this email immediately
and
enter your password here (*********)

Failure to do this will immediately render your email address
deactivated from
our database.

You can also confirm your email address by logging into your gci account at http://webmail.gci.net

Thank you for using GCI.NET !
THE GCI.NET TEAM

If you receive an email like any of the ones above, please do not respond, simply delete it !!

GCI has seen an increase in phishing attempts against GCI customers both in email attempts, and even some reported cases of pretexting using phone calls. These requests are attempts to obtain personnel information such as username, passwords, or credit card information. This information is then used for criminal purposes such as spamming, theft or identity theft.

• Phishing: The attempt to criminally and fraudulently acquire sensitive information, such as usernames, passwords, and credit card details by masquerading as a trustworthy entity.
• Pretexting: Is the act of creating and using an invented scenario (the pretext) to persuade a target (you) to release information or perform an action and is typically done over the telephone

Some steps you can take to help protect yourself

• Be suspicious of unsolicited email and phone calls
  • Delete the email
  • Hang up on the caller
• Do not provide usernames, passwords, credit card, social security number, and date of birth on an email or over the phone to an unknown source
  • Call them on a phone number you acquire from a different source
  • Visit their web site, directly or by a performing a web search.
• Do not click on the links of the email, if you need to contact the company
  • Call them on a phone number you acquire from a different source
  • Visit their web site, directly or by a performing a web search.
• This includes emails with coupons to a retailer
  • Security experts believe this will lead recipients into phishing schemes.
  • It is recommended you go to the retailer's web site and navigate to special coupons or promotions listed on the site
• Keep your computer and programs up-to-date
• Use a good anti-virus and anti-spy ware program
• If you think the email or phone call may have come from GCI, you should call GCI, at any of our published phone numbers.
  • Remember GCI technical support is open 24/7 365 days a year and can be reached through 265-5400.

GCI takes these attempts seriously, and will shut down accounts of GCI customers knowingly participating in such activities. If you are in doubt, please contact GCI.

More subject information about these issues may be found at the links below:

• Wikipedia - phishing
• Wikipedia - pretexting
• Webopedia - phishing
• Wikipedia - SMiShing

More information about how to protect yourself may be found at these sites: