The Latest Phishes Sent to Penn Staters
From: “xxxxx, xxxxx” <xxx.xxx@apsva.us>
Sent: Monday, November 21, 2016 1:57:31 PM
Subject: Pennsylvania State University / Notice
Your mailbox is almost full.
1969MB 2000
Current size mum size
Dear E-mail User
Your mailbox might be close kindly Staff/Faculty (<– links to a fake WebAccess page at notice-info.bugs3.com) to add more space to your mailbox.
The Pennsylvania State University © 2016
From: “Williams, Trudy” <xxxxxx@christushealth.org>
To: “Williams, Trudy” <xxxxxx@christushealth.org>
Sent: Monday, October 3, 2016 12:52:18 PM
Subject: : IT Help desk.
To All Employees\Staff,
Take note of this important update that our new web mail has been improved with a new messaging system from Owa/outlook which also include faster usage on email, shared calendar, web-documents and the new 2016 anti-Spam version.
Kindly use the link below to complete your 2016 Outlook Webmail User Authentication form.
CLICK on Outlook Web Access<http://microsoft-outlook-web-account.sitey.me/> to update immediately.
CONFIDENTIALITY NOTICE: Confidential information, such as identifiable patient health information or business information, is subject to protection under state and federal law. If you are not the intended recipient of this message, you may not disclose, print, copy or disseminate this information. If you have received this in error, please reply and notify the sender (only) and delete the message. Unauthorized interception of this e-mail is a violation of federal criminal law.
From: “Alf Friggerdal” <Alf.Friggerdal@peab.se>
To: info@web.com
Sent: Sunday, September 11, 2016 6:10:24 PM
Subject: Your Psu.edu has passed its limit
Your Psu.edu has passed its limit
| 3.9GB | 3GB | |
| Current size | Maximum size |
Your psu.edu quota has passed the quota limit is 3GB. You are currently running at 3.9 GB.
To re-enable and increase your psu.edu quota click on the link below.
CLICK HERE TO RE-VALIDATE
Failure to do so may result in termination of your mail box account.
We are sorry for the inconvenience.
Psu.edu Customer Service.
From: Pennsylvania State University I Blackboard <xxxxxx@uconn.edu>
Date: Tuesday, August 23, 2016 at 10:37 AM
To: <xxxxxx@psu.edu>
Subject: xxxxxx@psu.edu 2 new Blackboard messages from IT Admin
Dear xxxxxx@psu.edu,
You have 2 new messages from your University Technology Admin
posted to you through the Blackboard Learning System.
www.blackboard.com/blackboard/course/messagecenterxxxxxx@psu.edu36344331 (<– Link leads to a fake Blackboard login page)
Regards,
MY UNIVERSITY.
Admin Management
This phishing message gives the impression that Penn State uses Blackboard for its LMS and there are messages waiting there for the recipient. However, Penn State uses Canvas and ANGEL, so that is one clue this is a bogus message. Additionally, the “from” address is a UConn email address, whereas a message about a central Penn State service would come from an official Penn State address. The link that is shown in the message is not the URL one is taken to if it’s clicked – the page it links to is in the ortopedicosfuturo.com domain, and is a fake Blackboard login page. And finally, while the message states that the recipient has 2 new messages, it doesn’t give any clear instructions on what needs to be done with them.
This phish provides several clues revealing it as a scam message:
From: “psu.edu” <xxxxxx@ccri.edu>
Date: Tuesday, August 2, 2016 at 4:22 PM
To: Recipients <xxxxxx@ccri.edu>
Subject: Important message
Dear User,
You have received a new message from Pennsylvania State University Admin System sent to you via Blackboard Learning System.
http://www.psu.edu/blackboard//messagecenter%0118157 <– Links to a fake Blackboard login page in the joshuafitzgerald.com domain
Greetings,
Pennsylvania State University