This is a phishing attempt first reported to CSULB ITS on May 4, 2015.
From: "California State University" [firstname.lastname@example.org]
Sent: Mon, May 4, 2015 5:26 AM
Subject: Message from admin portal
This phishing attempt requests user to click on a link that appears to the be the Outlook Web App (OWA). Once the user enters their credentials, the phisher will then have the username and password to use for malicious purposes.
Intent of the Email
The sender is possibly attempting to obtain BeachID account credentials or installing malware via an attachment for their own malicious purposes.
Figure 1: Screenshot of the phishing email