This phish used a compromised Penn State Access Account to be sent, and put another Penn State address in the “To” field. It claims that Penn State is moving its email to a new system – TODAY. If and when Penn State makes a major change to its email system, there will be announcements made months in advance of the change to alert everyone of the plan and the cut-over date. The link in this message goes to a jimdo.com site with the Penn State academic seal on a form used to collect user IDs and passwords. The message also includes a threat of one’s account being made “inactive” if not updated – another sure sign of a phishing message.
From: “XXXXX XXXXX” <firstname.lastname@example.org>
Sent: Monday, May 16, 2016 10:09:00 AM
Subject: IT Admin Desk
Today Monday 16th May, 2016. we are upgrading our email system to Microsoft Outlook Webaccess 2016. This service creates more space and easy access to email. Please update your account by clicking on the link below and fill information for activation.
Click for Activation (<- Links to a bogus form on a jimdo.com site)
Inability to complete the information will render your account inactive.
IT Admin Desk