Convincing Campus Phishing Attempt

Many people received an e-mail today claiming to be an e-mail account verification message. The link included in the message was directed to a malicious site that requests your username and password. The e-mail had a subject of “IT@Sam Service Desk” and looked like the example below.

The malicious site appears to be removed, however out of the abundance of caution IT Security has also blocked the site from being accessed from campus and has blocked all further e-mails from being delivered. If you still have an e-mail in your inbox like the one described, please delete it with no further action.

Please take this opportunity to review some of the tell-tale signs that an e-mail is a phishing attempt. In this case, here are some of the signs:

  1. The message above appeared to be from helpdesk@shsu.edu, upon closer look, you can see that it was actually from “manuelitos@unm.edu.”
  2. The url given is https://www.shsu.edu, but hovering over the link shows that it actually goes to http://www.humecement.com.my/5s_v1/shsu/aspx.htm.
  3. The phrasing and subject line is a bit off. We would not use the name of a university service unit as the subject of the e-mail. The subject would contain insight into the contents of the message.

Please contact the Service Desk at servicedesk@shsu.edu or (936) 294-1950 should you have any questions or concerns.

Author: lucrecia chandler

Cherwell, Communications, and Training Manager for IT@Sam