Go to the U of M home page

Monday, March 7, 2016

Phishing Example 129: Your University of Minnesota Email account will expire at the end of Today.

Received March 2016

From: "Gmail Team" <xxxx-compromised-email-account@ umn edu>
Date: Mar 7, 2016 7:52 AM
Subject: Your University of Minnesota Email account will expire at the end of Today.
To: 
Cc: 

University of Minnesota
Note:

Your University of Minnesota Email account will expire at the end of Today. Order to remain active, Use the following link to update your account

  Re-Activate Your University of Minnesota Email

Thank you for using University of Minnesota Email
Email Account.
Copyright 2016 Email. All Rights Reserved


Note:

  • DOES come from a UMN,EDU address, they used compromised user accounts to send this
  • Uses SSL to connect to a NON-UMN, NON-GOOGLE site
  • Uses OLD Google Logo on "sign-in" screen. This is subtle, but look carefully at the screen shots below. Google uses a non-serif font, but the first two screen have their old "Google" lettering, but the LAST screen is the REAL Google login
  • Google Login screens DO NOT have Email and PASSWORD on the initial screen, ONLY EMAIL. Again, see the final screen below which shows a real Google login
       FAKE LOGIN SCREEN - COPY OF OLD LOGIN

If you fill it out (please don't) you'll see this screen next: (again, see the old logo)

If you fill THAT one out, they will be sent to the REAL Google login screen. IF your browser is already logged in FOR REAL, then you won't see a login screen. If you are in a non-logged in browser, you'll see this:

Note: Logo is san serif font, and ONLY ASKS FOR EMAIL

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.