Go to the U of M home page

Tuesday, July 1, 2014

Phishing Example 47: Library Account

Here's a reminder to question unexpected warnings and double-check that supposed "official" login pages are REALLY hosted at UMN.EDU locations.
Received June 2014:
Email being seen that points at what LOOKS like a UMN URL, but went offshore:
From: Library 
Date: Thu, Jun 26, 2014 at 8:47 AM
Subject: *****SPAM***** Library Account
Dear User,
Your library account has expired, therefore you must reactivate it
immediately or it will be closed automatically. If you intend to use this
service in the future, you must take action at once!
To reactivate your account, simply visit the following page and login wilth
your library account.
Login Page:
University of Minnesota Libraries
499 Wilson Library
309 19th Avenue South
Minneapolis, Minnesota 55455
(612) 624-3321 (voice)
(612) 626-9353 (fax)

Goes to a copy of UMN login page on an offshore website, and claims to "reactivate" your account.
Dangerous, because the phishers copied our real login page - and the page looks identical to, and behaves like a real login page - then puts up a fake "reactivation message" with a link to the UMN library system:

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.