Did you know you’ve exceeded your email storage limit? Well, you probably haven’t, but these scammers would like you to believe otherwise.
This phish comes to us from firstname.lastname@example.org. You’ll notice that this address isn’t a udel.edu one, yet it’s attempting to represent UD. That’s red flag #1.
The email also calls you “University of Delaware Webmail subscriber” instead of your actual name. UD systems know your name (I know, soon it’ll turn into Skynet, but we aren’t there yet). Red flag #2.
Our friend, cmorales, also encourages you to click a link to zednet.php5.sk, which obviously isn’t a udel.edu domain. Oh, and why are we asked to verify our accounts through shady external websites if we’re over our storage limit? Shouldn’t we just delete some emails? Red flag #3.
So after all of that, where are we? Hopefully still looking at this email. If you aren’t, and if you clicked the link, you’ll have seen a page like the one on the left. In the unfortunate event you gave cmorales your UDel email information, you should go to www.udel.edu/network/ (note the udel.edu domain name) and change your email password ASAP. If you can’t, call the IT Support Center at (302) 831-6000 or submit a help ticket at http://www.udel.edu/it/help/request/.
No Comments »
This morning, some standard phish were swimming into UDel inboxes. Here’s a screen shot of one that amazes me — not a particularly good one, but the scammers find that it still works:
Click the image to see a larger version.
We’ve highlighted some of the tell-tale signs, so that even if you didn’t know your email quota is higher than that mentioned in this scam, you can see what to look for. The non-UDel URL you see when you hover your mouse over the link is a dead giveaway. Ditto getting email about your email from someone at “snead.edu.” And why would UD be sending you email with the word “Warning” marked as a trademark? And marked as copyrighted by Microsoft?
Speaking of reminders, the SANS tip of the day at the website is a succinct summary of what to look for in phishing scams. It also includes links to two quizzes to help you see if you can recognize a phishing scam:
- Washington Post Phishing Quiz
- SonicWALL Phishing IQ Test
Two fun quizzes to improve your “Phishing IQ”!
Bottom line: When you get email with a link in it or asking for personal information or telling your to “click here” to fix a problem with your account, take a minute to examine the message. Think B4 U Click!
If you get email allegedly from Microsoft saying that your mailbox is full, it must be true, right?
The current version of this scam includes a link to a Google Docs form to make it easy for the scammer to harvest your account information. If you submit the information the form asks for, you will have enabled to scammer to log in to your account and either steal it or use it to spoof your account to send out further scam email messages.
See a message like this one?
Don’t click the link if you saw this message! (Click on the image to see a full size version of this email scam.)
Just delete it. Do not follow the link. Do not complete the Google Form.
Over the past week, we’ve seen multiple variations of phishing scams like this one:
Don’t fall for this scam! (Click image to see full message.)
At the beginning of a new school year, we tend to see a lot of scams like this one, or the ever popular scam:
“Your UDel email is over quota. Click here to verify your account information.”
These are scams designed to take advantage of the naivete of freshpersons and new employees. The scammers are trying to harvest your UD login credentials to steal your identity or to use your account to launch attacks on others. Do not click the links or reply to the email messages. Just delete them.
For more information, browse this blog or visit our formal Avoid phishing scams Web pages.
- First off, UD will never send you email telling you to click on a form to increase your email quota.
- Second, UD will never ever send you email of any kind that appears to come from “ShastaCollege.edu.”
- Third, we’re not perfect, but we hope that we’d send email with a lot fewer typos.
- Finally, will UD ever sign email “Local-host”?
From: Cox, Estella
Subject: Mailbox Quota Exceeded
Date: October 20, 2011 12:10:22 PM EDT
Your web mail quota has exceeded the set quota which is
3GB.you are currently running on 3.9 GB.
To re-activate and increase your web mail quota please click
the link below.
Failure to do so may result in the cancellation of your web
Thanks, and sorry for the inconvenience