Here’s an example of a classic “tailored for UD” phishing scam that arrived in UD inboxes in late September.

Note that it tried to tie with PNC–since the scammer knew that UD and PNC have a business arrangement. At first glance, it looks believable, even including some fake mumbo-jumbo about encryption at the end. But look carefully:

  • The From, To, and Reply-To fields are all spoofed Penn State addresses–not UD addresses.
  • Look at the typos: Pnc instead of PNC, Customers instead of customers’, the British
    spelling of unauthorised, etc.
  • Look carefully at the link the scammer wanted you to click. Notice how it does not lead to either a address or a address. If you were to click on it, it would try to take you to a file in a folder on a server at

We reported this one to the proper authorities. And we urged the UD community to delete it.

From: PNC 
Subject: *** Online activity confirmation code MBQCKCJPHP
Date: 	September 23, 2011 9:27:51 AM EDT

Dear customer,

Pnc Bank has been receiving complaints from our customers regarding unauthorised 
use of the Pnc Online Banking accounts. As a result we are making an extra 
security check on all of our Customers account in order to protect their information.

We now need you to re-confirm your account information to us.

If this is not completed by September 25, 2011, we will be forced to suspend 
your account indefinitely, as it may have been used for fraudulent purposes.

 To confirm your Online Banking records click on the following link:

Thank you for your cooperation in this matter.
Pnc Bank Customer Service

Please do not reply to this e-mail as this is only a notification. Email sent to 
this address will not be answered.

2011 Pnc Bank Corporation. All rights reserved.
Encryption Layer 128-bit