Go to the U of M home page

Monday, May 8, 2017

Example 198: Email Update!

Scam email update sent from a compromised UMN account

Message text
Subject:    Email Update!
Date:   Mon, 8 May 2017 20:03:37 +0100
From:   compromised UMN account <xxx @umn.edu>
Reply-To:   gmail account



We are using this opportunity to notify the Students, Staffs and Alumni
of University of Minnesota that an update is being done on all accounts.
We strongly advise that you update <hxxp:// tinyurl.com/ xxxxx > your
account promptly to avoid closure/inconvenience on your account, kindly
do this immediately.
Sincerely,
IT Admin
Login form

Minnesota bogus branded simple login form
Minnesota bogus branded simple login form


Things to note

  • Form uses tinyurl to mask non-umn login address
  • Form is modestly branded
  • Form shows password in the clear

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.