Example 241: Fake UMN Google Login Pop-ups
Email scams are the primary way that cyber attackers infiltrate organizations. Many of the big breaches in the news began with a scam or phishing email. What are the attackers trying to do? They deliver two main weapons via scam email:
- Fake login pages to collect target credentials (ID and password).
- Infected attachment or link to install malicious software (malware) such as Ransomware on the target’s computer.
Indicators of Phishing
- From address is suspicious: [email protected]
- Sense of urgency: Your password is due for expiration Yesterday!
- Hover your mouse over the link or hold on a mobile device to see that the fake login pop-ups are delivered from hxxps://creattica[.]ru/
- Misspelled “Verifying,” slightly broken English
What to do if you receive one of these:
- Do not reply, log in, or click the link(s).
- Forward the scam email, with headers, to [email protected].
- Report it as phishing to Google. In Gmail, click the three-dot More menu next to Reply and choose Report phishing to help educate Google's filters to block similar messages in the future.
- For more information, please see: https://it.umn.edu/manage-spam-email
Your Account Password is due for expiration Yesterday:
Please kindly use the below to continue with same password.
This email has been automatically generated by request. This electronic transmission is confidential and is intended for designated recipients only. If this message was not meant for you, please do well to delete the original and all copies and notify the sender immediately. Adding us to your address book and safe list enhances prompt and quick delivery of fax messages.
Copyright©2021. All Rights Reserved
umn.edu 3/14/2021 7:19:41 a.m.