This phish makes no mention of Penn State in the body of its message, but the link goes to a forged Penn State WebAccess login page. Nearly everything else about the message clearly identifies it as a phish: A “From” address entirely unrelated to Penn State, no “To” address, no personal greeting, poor grammar, a hidden link address, a threat that services will be disabled, and the generic signature of “Education Administrator.”
From: “Education Admin” <eduadmin@educenter.com>
Sent: Wednesday, May 18, 2016 11:14:00 AM
Subject: Mailbox Quota Cleanup
This is to notify All educational board users (.edu) on Mailbox Quota Cleanup, If you are a staff or faculty member log on to your staff and faculty ACCESS-PAGE to clean up mailbox. Staff and Faculty Members mailbox quota size increase in progress.
Click on ACCESS PAGE (<- links to a forged WebAccess login page) to complete.
Mailbox Sending/Receiving authentication
will be disabled…
Education Administrator