From: UMN Help Desk <XX Compromised USER @ umn.edu>
Date: Tue, Mar 8, 2016 at 8:32 AM
Subject: [ UMN ] NetID
To:
Hello user ,
We have placed a temporal hold on two incoming mails to your account due to
insufficient validation.
To continue receiving messages, follow https://mail.umn.edu
<hxxp://bit.ly/ address> and validate your service.
This helps us stop automated programs from sending junk email.
We apologize for any inconvenience and appreciate your understanding.
Thanks,
UMN account team.
Notes:
- sent from a compromised UMN.EDU user account
- uses bit.ly to obscure the destination (yeattsdirect.com)
- Very good copy of UMN login page
- URL obscured in the browser (see image below)
 |
| click to expand - not obscured URL |
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.