Go to the U of M home page

Sunday, January 8, 2012

Phishing Test 3: Please Check On This

Bogus message, apparently from a coworker, leads to fake Dropbox login.

You may have received this forged as "from" a coworker using a non-UMN email address. If you clicked on the link you will be directed to this blog entry.

Message text:

[Name of Colleague] 
Hello -
I'm out of the office and need someone's input on this. Can you double check this and get back to me? If you think someone else should handle it, let me know.
   Thanks!
     2018 plan




Login page:


Fake Dropbox login page with a "sign-in" button above
Fake Dropbox login page with a "sign-in" button above



Things to note:

  • Email name does not match the actual email address
  • Email name is (mangled) version of a real out-of-office coworker'
  • Email has no specifics about what "2018 plan" is referenced.
  • Document hosted at Dropbox - not a UMN affiliated service

Saturday, January 7, 2012

Phishing Test 2: Warning Your EMail Will be Shut Down After 24 Hours!

Bogus Shutdown warning tied to a PDF linking to a very good copy of Gmail login pages. Note, other subjects were seen, like "Update Notice"

This blog entry describes a recent test phish you may have received. If you clicked on it, you will be directed to this page.

Email 

embedded graphic notice "from" Google
embedded graphic notice "from" Google


Fake Google login form :
fake google login - with OTHER services in dropdown
fake google login - with OTHER services in dropdown



Things to Note:

  • No University of Minnesota branding
  • Email just contains an IMAGE, nothing more, of a Google notice.
  • Clicking on link leads you to fake Google login page. (not hosted at google.com or umn.edu)
  • Google login includes dropdown listing other services like Hotmail and AOL

Tuesday, January 3, 2012

Phishing Test 1: "Seasons Greetings!"

Unexpected greeting linked to a web message e-card.

This blog entry describes a recent test phish you may have received (clicking on it will lead to this page).

Message text:

Hello!
All your friends at  [some company] wish the best in the next year!
Happy Holidays
    [Unknown Sender]
    [company name] Education

Message contains a link to a holiday e-card, viewing the e-card, and clicking on it will lead to this
informational page.

Things to consider:


  • Unexpected email? You have no obligation to open or follow the content. Delete and/or mark as spam
  • Following links, opening attachments may infect your computer - recent targeted campaigns have specifically been aimed at infecting computers using infected documents.