Go to the U of M home page

Tuesday, March 8, 2016

Phishing Example 130: [ UMN ] NetID

Received March 2016

From: UMN Help Desk <XX Compromised USER @ umn.edu>
Date: Tue, Mar 8, 2016 at 8:32 AM
Subject: [ UMN ] NetID
Hello user ,

We have placed a temporal hold on two incoming mails to your account due to
insufficient validation.

To continue receiving messages,  follow https://mail.umn.edu
<hxxp://bit.ly/  address> and validate your service.

This helps us stop automated programs from sending junk email.

We apologize for any inconvenience and appreciate your understanding.


UMN account team.


  • sent from a compromised UMN.EDU user account
  • uses bit.ly  to obscure the destination (yeattsdirect.com)
  • Very good copy of UMN login page
  • URL obscured in the browser (see image below)

click to expand - not obscured URL

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.