All it takes is one or two people to click the link in this fraudulent “Security Service Alert” to put UD information at risk.
The criminal took some time researching UD before sending this spear phishing attempt. Note that he has harvested the correct name for UD IT and the IT Support Center. He has even used the right zip code. The message refers to our central Exchange server, and includes a URL cobbled together out of pieces of the real OWA login URL (owa, win, auth, udel, edu).
The message tries to create a sense of urgency by claiming that your email account is engaged in “spam activities.” The sender hopes that you will be so worried that you’ll click without thinking.
If you take just a minute you’ll see signs that this is fraudulent email that you should delete.
- The sender’s address is not a UD address and is certainly not one that the IT Support Center uses.
- Even if the link is not visible in the message, hover your mouse over the text of the hyperlink to inspect the link. Note that the link does not go to a udel.edu Web address. You can trust Web addresses in which the hostname — the part between the http:// or https:// and the first single slash (/) — ends with udel.edu.
- If we are trying to contact you about your account, why are you not named? Why is the email address to which it is sent not yours?
- No legitimate organization will ask you to verify your account or resolve issues on your account by just clicking a link.
If you see this message, delete it. If you clicked the link, first change you password then contact your departmental or college IT staff or the IT Support Center. Above all else….
Think B4 U Click!