This phish provides a link to a forged Penn State WebAccess login page. The traits that give it away as a phish are the generic greeting and “To:” name, as well as the poor grammar, the vague reason for directing users to log in, and the appearance of the message coming from University “administration.” Dr. Barron and the rest of the President’s office will leave such messages to IT staff.
From: administration@psu.edu
To: “Recipients” <administration@psu.edu>
Sent: Thursday, May 12, 2016 4:18:34 PM
Subject: Penn State: Review of all accounts
Notification:
To ensure that you have better security
We have a strict review process on your account
All updates completed will take effects within 24 hours
Log in (<- link goes to a forged Penn State WebAccess login page)
Administration
The Pennsylvania State University · Copyright 2016