Example 245: Scam notice of your email being held

Scammers attempt to personalize the scam.

This example shows the scammers attempting to personalize the message and make it more believable by including the recipient’s Internet ID throughout the email.

Note: Our University email addresses and Internet IDs are considered public data unless we have suppressed them. Scammers often collect email addresses off the Internet for their scam recipients. 

Indicators of Phishing

  • From a non-UMN email address, although the shown address is spoofed
  • Sense of urgency: “You may not be able to access your email if ignored”
  • The form’s URL is not umn.edu (emtow[dot]com[dot]au)
  • Non-standard English grammar and spelling errors

What to do if you receive one of these:

  • Do not reply, click the link(s), or login (if you do click the link).
  • Forward the scam email, with headers, to [email protected].
  • Report it as phishing to Google. In Gmail, click the three-dot More menu next to Reply and choose Report phishing to help educate Google's filters to block similar messages in the future.
  • For more information, please see: https://it.umn.edu/manage-spam-email

Example:

From: e-Mail Service Provider umn.edu <[email protected]>
Date: Thu, Jun 24, 2021 at 1:01 PM

Subject: e-MAIL ( [email protected] )SERVER CONGESTION NOTIFICATIONS!
S;53634084;TRIU 8519870 2nd Warning!!
To: <[email protected]>

*umn.edu Email server alert*

[email protected] Server Congestion

Dear UMNIID,

e-Mail web sever is holding (6) incoming messages because your email [email protected] has not been verified. To continue using your account, please verify your email account below.

*Review & Verify your e-Mail*

You may not be able to access your email if ignored, this process takes few minutes only. After verification, allow couple of minutes for update to be compeleted.

------------------------------

Thank you,

Copyright © 2021 cPanel, Inc