This phish gives the appearance of coming from Penn State by using the name “PennState Admin” in its from address and the body of the message, but those are the only references to Penn State you’ll see. The actual from address is a compromised account from another country. The link in the message is not a Penn State Web address, and it points to a generic login page. Additionally, this message has no to address, a generic greeting, claims that you asked to have your account shut down, and threatens the loss of “all features associated with your account.” All of these problematic traits are big indicators of this being a phish.
From: “PennState Admin” <email@example.com>
Sent: Saturday, June 4, 2016 7:03:12 AM
Subject: WARNING: Closing & Deleting Your Account in Progress!
PennState Admin received your request to shutdown your account
We will process your request within 24 hours.
All features associated with your account will be lost.
To retain your account, kindly Cancel Request to continue using our
RECTIFY THIS PROBLEM & CANCEL http://cncldatvtnnow.voici.org/ (<- Link goes to a generic login page that has nothing to do with Penn State)
All Rights Reserved.