From: "Gmail Team" <xxxx-compromised-email-account@ umn edu>
Date: Mar 7, 2016 7:52 AM
Subject: Your University of Minnesota Email account will expire at the end of Today.
To:
Cc:
University of Minnesota
Note:
Your University of Minnesota Email account will expire at the end of Today. Order to remain active, Use the following link to update your account
Re-Activate Your University of Minnesota Email
Thank you for using University of Minnesota Email
Email Account.
Copyright 2016 Email. All Rights Reserved
Note:
Note: Logo is san serif font, and ONLY ASKS FOR EMAIL
Note:
Your University of Minnesota Email account will expire at the end of Today. Order to remain active, Use the following link to update your account
Re-Activate Your University of Minnesota Email
Thank you for using University of Minnesota Email
Email Account.
Copyright 2016 Email. All Rights Reserved
Note:
- DOES come from a UMN,EDU address, they used compromised user accounts to send this
- Uses SSL to connect to a NON-UMN, NON-GOOGLE site
- Uses OLD Google Logo on "sign-in" screen. This is subtle, but look carefully at the screen shots below. Google uses a non-serif font, but the first two screen have their old "Google" lettering, but the LAST screen is the REAL Google login
- Google Login screens DO NOT have Email and PASSWORD on the initial screen, ONLY EMAIL. Again, see the final screen below which shows a real Google login
FAKE LOGIN SCREEN - COPY OF OLD LOGIN
If you fill it out (please don't) you'll see this screen next: (again, see the old logo)
If you fill THAT one out, they will be sent to the REAL Google login screen. IF your browser is already logged in FOR REAL, then you won't see a login screen. If you are in a non-logged in browser, you'll see this:
Note: Logo is san serif font, and ONLY ASKS FOR EMAIL
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.