Go to the U of M home page

Monday, July 25, 2016

Phishing Example 155: Restore Your Mailbox Capacity - yet another fake UMN login

Received July 2016

[Note: we are seeing a proliferation of spam that copies the UMN login page - this is the most recent example - always check the destination URL address!]

From: University Of Minnesota <help @ umn.edu>
           [NOTE FORGED "from:" 
                 - REALLY SENT FROM A COMPROMISED @umn.edu account]
Date: Mon, Jul 25, 2016 at 8:31 AM
Subject: Restore Your Mailbox Capacity

Dear *UMN.EDU* <hxxp://  xxxxx .com/fonts/unm/umn.htm> User,
                      [NOTE TARGET IS NOT A UMN.EDU address!]

Your email account has reached  the storage limit, hence you can no longer
receive your recent pending emails. Please logon here to  *Increase Storage
Limit* <hxxp://  xxxxx .com/fonts/unm/umn.htm> inorder to receive your
pending emails and also to restore your mailbox back to normal.


© 2016 Regents of the University of Minnesota. All rights reserved.


  • Always check the destination URL address - if it is NOT a UMN.EDU address - do NOT ENTER YOUR INFORMATION!
  • Forged pages are often set to direct you to a legitimate UMN web page after you "login."

Fake login page - note destination address!
Legitimate UMN page you are sent to after "login"

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.