University of Southern California

Phishing Warning 2013-08-28

Posted on by mbordas

Many users have reported receiving the following phish email. If you have received the phish, do not reply, click the link, or supply any login information. If you have replied or followed the link, change your USC password as soon as possible by going to the ITS website at www.usc.edu/its and clicking the icon labeled Change USC Password.

From: Blackboard Alerts <alerts@learn.blackboard.com>
Date: Tuesday, August 27, 2013 3:51 PM
To: You <alerts@learn.blackboard.com>
Subject: Course Information

Good Afternoon,
Your school has posted an important information regarding a course for you.
You are required to immediately sign in to Blackboard Learn.
Click here to sign in to Blackboard Learn
Thank you.
Blackboard Notifications.

Note four tell-tale signs of a phish:

  1. The email lacks personalization (“Good Afternoon” rather than addressing users by name).
  2. The email uses poor grammar (“Your school has posted an important information…”).
  3. The email creates a sense of urgency (“You are required to immediately sign in…”).
  4. The link (not active above) leads to neither a Blackboard nor a USC domain but to a page on a completely unrelated website.  The linked page, signin.blackboard.edu.htm, includes “blackboard.edu” in the address in an attempt to trick users.

Comments are closed.