• Recent Posts

  • Categories

  • Archives

Phishing email: “Password Expiry” from Information Technology

This morning’s attempt at fooling users into divulging personal information like usernames, e-mail addresses and passwords and attempts to disguise itself as an email from the “ITS help desk”

Here is what it looks like: (We have removed the dangerous parts)

From: Karen L. Mcdonah [mailto:spoofed or compromised e-mail address]

Sent: Thursday, 29 June 2017 17:41

To: Karen L. Mcdonah <spoofed mail to disguise the sender>


Your password Will Expire In The Next TWO HOURS Current Mail User Should Please Log On To IT-WEBSITE To Validate Your E-mail Address And Password, Or Your E-mail Address Will Be Deactivated. Thank You.

ITS help desk


©Copyright 2017 Microsoft

All Right Reserve

That is it. The classic signs of a phishing email should be obvious.

  1. Unknown or undisclosed sender.
  2. Disguised to make it look like it comes from a legitimate sender (like Information Technology)
  3. Threatening or intimidating users into doing something quickly without checking.
  4. Poor grammar and spelling.
  5. Encourages users to click on a link in the email (which takes them to a server under the control of the criminals where they are asked to provide usernames, email addresses and old and new passwords)
  6. The phishing server is not encrypted (http:// instead of https://) so passwords and user data are captured in plain readable text.

Here is what the phishing site looks like. It uses a “throw-away” website provider. The criminals will use this site for a couple of hours and then close it once they have obtained their intended victim’s personal data. (which makes it financially very lucrative!)






Comments are closed.


© 2013-2020 Disclaimer: The views and opinions expressed in this page are strictly those of the page author(s) and content contributor(s). The contents of this page have not been reviewed or approved by Stellenbosch University.