Go to the U of M home page

Wednesday, June 8, 2016

Phishing Example 150: Payment question (*or* "One of these things is not like the other")

Received June2016

*also* sent with subjects:  “major provider”, “many things”, and “pay attention”

From: [Compromised UMN account]
Date: Tue, Jun 7, 2016 at 6:53 PM
Subject: Payment question

I've attached the 12 questions  for June in PDF
<hxxp :// xxxxx/aep/pdf/accessvalidate/es>  the file is also
available in Google drive and adobe
<hxxp://   xxxxxxx /aep/pdf/accessvalidate/es> file reader

Look at this side-by-side comparison - on the left, a real google login, on the right the phisher's version:
Left side REAL GOOGLE docs login, Right side *FAKE*


  • Probably comes from someone you know (the phisher bcc's all contacts)
  • Claims to go to a Google Drive - aka "docs," and presents a fake login.
  • Fake Login DOES NOT HAVE Google logo
  • Fake Login Offers multiple email providers in a drop down - real Google DOES NOT
  • See phishing advisory showing what a NORMAL login to Google/UMN resources looks like

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.