It’s only Monday morning and we’re already seeing numerous reports about a spear phishing campaign making the rounds on campus. These two emails use the idea of information security as a pretext for the scam. Both appear to come from legitimate UDel email addresses, but are, in fact, phishing messages.

[Screenshots of the two phishing emails: 2015-10-26_1017 and 2015-10-26_1028]

We can see immediately that something’s up with the content of these emails. The generic subjects, lack of salutations, and fake signature are obvious clues that this isn’t an official message at all.

Digging deeper, we see that the wording is equally generic. It seems as though this phisher wants to capitalize on our recent emphasis on cybersecurity by claiming that you need to visit a link to verify your information (a typical phishing trick) as part of a “security check.”

Notice also that the link goes to jimdo.com rather than to a udel.edu address. The phisher attempted to make the link look legitimate by putting “udel” in the link, but it doesn’t point to the real http://www.udel.edu domain. Remember, scammers often create fake Web sites and links to trick people who don’t take the time to read the full link destination.
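The check described above can be automated for an HTML message body. The Python below is an added example, not part of the original post: it compares each link's real hostname against udel.edu and reports links that mention "udel" but lead elsewhere. The sample body and its hostnames are constructed for illustration, and the function names are hypothetical.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED_DOMAIN = "udel.edu"  # the domain the article says real links use

def host_of(url):
    """Return the lower-cased hostname a browser would actually contact."""
    host = urlsplit(url).hostname or ""
    return host.rstrip(".").lower()

def is_trusted(url, domain=TRUSTED_DOMAIN):
    """True only if the host is the domain itself or a subdomain of it."""
    host = host_of(url)
    return host == domain or host.endswith("." + domain)

class LinkAudit(HTMLParser):
    """Collect (href, visible text) pairs from an HTML message body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def suspicious_links(html, domain=TRUSTED_DOMAIN):
    """Links that mention the trusted name anywhere but point off-domain."""
    audit = LinkAudit()
    audit.feed(html)
    name = domain.split(".")[0]  # "udel"
    return [(href, text) for href, text in audit.links
            if not is_trusted(href, domain)
            and (name in href.lower() or name in text.lower())]

# Constructed sample body; hostnames are made up for illustration.
SAMPLE = """
<p>Security check: <a href="http://udel-example.jimdo.com/">http://www.udel.edu/verify</a></p>
<p>Help: <a href="https://www.udel.edu/it/">IT help</a></p>
<p><a href="http://www.udel.edu.example.net/">Portal</a></p>
"""

if __name__ == "__main__":
    for href, text in suspicious_links(SAMPLE):
        print(f"off-domain link: {host_of(href)!r} shown as {text!r}")
```

A plain substring test for "udel" would accept the first and third links; the suffix comparison on the parsed hostname rejects both.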

So although there’s no security check and you’re not being asked by the University to verify anything, we’ll take these phish as an example of the “rise in security incidents” we’ve been seeing. Beware of spear phishing campaigns that try to use official or official-sounding University units, policies, events, or other information to try to trick you into trusting links or instructions. Always read carefully and verify that what you’re seeing is legitimate before you do anything else.