Child pages
  • 2017-09-02 September Payroll Information
Skip to end of metadata
Go to start of metadata

This is a phishing attempt first reported to CSULB ITS on September 2, 2017.  Repeat reports received on September 9, 2017.

From:  Deborah Sanchez
Sent:  Saturday, September 2, 2017 6:50 AM   
Subject:  September Payroll Information


Summary

The fraudulent email is very vague and informs recipients that they have 1 new notification regarding payroll.  The link appears to be a legitimate web address; however, it leads the user to a page that appears to be the CSULB Outlook Web App (OWA) login page.  This phishing email comes from an actual CSULB account which has been compromised by phishers/hackers and is being used to broadly email the campus.  The compromised account issue is being addressed.

Intent of the Email

The sender is attempting to capture email account credentials for their own malicious purposes or to install malware. The link appears to go to a foreign website.

Screenshots

Figure 1: Screenshot of the phishing email

The landing page leads the user to a fake OWA page that is hosted on an international webpage and not mail.csulb.edu.


Figure 2: Fradulent OWA page 


View all Phishing Reports:

All Phishing Reports


  • No labels