Adding to the already-large pile of spear phishing attacks we’ve seen this year is a little number from some clever criminals.
The email includes a UD banner and claims to come from HR. It even appears to have spoofed a UDel.edu address to get the attack past spam filters and trick unsuspecting victims.
Note the brief and strange wording (including the “faithfully” in the signature) to set up the bait, which comes in the form of “salary raise documents.” Hovering over the link reveals that it actually goes to “cembaysal.com/udel.edu/Login.html” rather than to a UDel address. The phishers have included the “udel.edu” after the .com domain to trick anyone who reads the address too quickly.
Despite claiming to come from UD, the email makes no mention of where in your UD account these “salary raise documents” might be found or how you could log in through a legitimate University Web page to access them.
This email is a strong reminder that you should never automatically trust email just because it looks or claims to come from someone or some business you know. Always verify the information and links in the email and perform any requested actions by going to the company’s site and logging yourself in safely.