Go to the U of M home page

Tuesday, March 14, 2017

Example 193: New Payroll Information !

Forged message displaying plausible URL, really linked to a fake UMN login page hosted off umn.edu.  (NOTE: you may have been directed to this page from an educational "phish" message you received recently)

From: University of Minnesota <notification@umn.edu>
Date: Mon, Mar 13, 2017 at 7:16 PM
Subject: New Payroll Information !
To: xxxxx@umn.edu

Dear Member
U have 1 New Notification Regarding Your New Payroll
Best Regards,
University of Minnesota

Forged UMN sign in page
Forged UMN sign in page
  • Email appears to come from "notification@umn.edu," a non-existent address
  • Email appears to show a umn.edu web address (that does NOT exist), but really goes through a Polish server that redirects to another server to present a
  • Web form that presents a copy of the umn login page, hosted at a compromised .org address

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.