Phishing attacks cripple TDS e-mail

"Phishing" attacks by hackers have put a major crimp in e-mail for TDS customers, the company said today as it scrambled to deal with the huge problem. 

"Right now our customers are experiencing long delays in either sending or receiving e-mail," TDS spokeswoman DeAnne Boegli said at mid-day.

What has happened, Boegli said, is that a "very large" but unknown number of customers responded to one of the phishing e-mails that began appearing in customer e-mail boxes in the last several days. Some of the e-mails state they are from "TDS Internet Mail Service" or "TDSMAIL TEAM" which are not legitimate TDS organizations.

Some customers who respond may give up their personal information, including passwords, something no one should ever do, Boegli emphasized.

Others may respond in anger, knowing the e-mails are illegitimate, which also is a mistake because it lets the hackers know the e-mail address is real. In such cases, the hackers may be able to figure out the customer's password or otherwise gain control of the account.

The hackers use the addresses they can gain control of to send out large quantities of spam e-mails, causing the system-wide delays. They also may sell the account information.

TDS likely needs to reset passwords for the accounts that have been compromised, Boegli said, adding that no one should use a password that is easy to figure out.

The problem is that so many customers have been calling the company that hold times are up to an hour, she said, adding that TDS only needs to hear from those who believe their accounts have been compromised or whose problems are urgent.

"Were working to resolve this as quickly as we can," Boegli said. "What we're doing is training about 25 new people for the phones to get hold times reduced. It's sort of all hands on deck. This is a situation we have not faced before."

TDS has identified six different phishing e-mails, a couple of which look "kind of authentic," Boegli said.

Anyone who gets a suspicious e-mail should delete it and/or report it to their anti-virus software provider.

Telltale signs of a phishing e-mail include making immediate demands for information, spelling mistakes, and grammar mistakes.

More information is available at www.tds.net or www.tdstelecom.com.