Child pages
  • 2018-03-09 confirm email
Skip to end of metadata
Go to start of metadata

This is a phishing attempt first reported to CSULB ITS on March 9, 2018.

From:   California State University, Long Beach <webmail@csulb.edu>
Sent:  Friday, March 9, 2018 8:45 AM   
Subject:  confirm email


Summary

The fraudulent email claims to be from CSULB but comes from a fraudulent email address.  The message claims that recipients have email inboxes that are exceeding allowable size and to reply to the email by providing username and password to maintain the account.    CSULB never asks employees to reply to emails to maintain email accounts or storage.    

Intent of the Email

The phisher/sender is attempting to capture email account credentials for their own malicious purposes.  The first line within the body of the email from Microsoft indicates that the message failed Microsoft's fraud detection checks and may be spoofing, which is true in this case.

Screenshots

Figure 1: Screenshot of the phishing email

View all Phishing Reports:

All Phishing Reports


  • No labels