Go to the U of M home page

Wednesday, June 21, 2017

Example 201: Library Services

Well crafted email directs recipient to a forgery of the UMN login page.

Message

 Dear User,
 This message is to inform you that your access to your library account
 will soon expire. You will have to login to your account to continue to
 have access to the library services.
 You need to reactivate it just by logging in through the following URL. A
 successful login will activate your account and you will be redirected to
 your library profile.

 hxxp://www.lib.umn.cave.gq/login_xxxxxxxxxxxxxxx
 If you are not able to login, please contact Emily Bonnell at
 enbonnell@umn.edu for immediate assistance.
 Sincerely,
 Emily Bonnell
 University of Minnesota Libraries
 (612) 624-xxxx
 enbonnell@umn.edu

Webform

Forged UMN login page - NOT hosted at UMN.EDU
Forged UMN login page - NOT hosted at UMN.EDU

Thing to Note

  • Email comes from a Gmail account, not UMN.EDU
  • "Emily Bonnell" is not a real UMN staff member - the umn.edu email referenced does not exist
  • Forged web page NOT hosted at umn.edu
  • Logging into page redirects to the real login page (or a UMN service page if you ARE logged in)

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.