Phishing Warning 2014-03-25
Many users have reported receiving the following phish. If you have received the phish, do not click the link or reply to the message. If you have replied, followed the link, or supplied login information, change your USC password as soon as possible by going to the ITS website at http://itservices.usc.edu and clicking the link called Change Your USC Password.
From: University of Southern California [firstname.lastname@example.org]
Sent: Tuesday, March 25, 2014 6:42 AM
Dear Account User,
This is to Remind you that your EMAIL log in details will be out of date in two days, you are requested to forward your last log in Information (User Name) (Password) to: email@example.com
A new log in details will be issued to you,
Failure to do this your account will be deactivated after 24 hours.
Note several features that indicate this is a phish:
1) The email asks you to follow a link to a non-USC website. You should never enter your USC credentials on a non-USC webpage, especially when directed there by an unsolicited email.
2) The email was sent from a non-USC email account.
3) The email uses poor grammar and improper capitalization.
4) The email creates a sense of urgency.