University of Southern California

Phishing Warning 2014-06-11

Posted on by mbordas

Many users have reported receiving the following phish. If you have received the phish, do not click the link or reply to the message. If you have replied, followed the link, or supplied login information, change your USC password as soon as possible by going to the ITS website at http://itservices.usc.edu and clicking the link called Change Your USC Password.

From: User <user@gmail.com>
Date: June 11, 2014, 2:21:23 PM PDT
To: undisclosed-recipients:;
Subject: Password Changed.

To reactivate your USC mailbox, click on
https://docs.google.com/forms/d/1pKoAKvp0dexKL6_m3VXiWvQ22gtySVJSiSj29iDGxYE/viewform?usp=send_form
© 2014 USC Help Desk

Note several features that indicate this is a phish:

1) The email asks you to follow a link to a non-USC website. You should never enter your USC credentials on a non-USC webpage, especially when directed there by an unsolicited email.

2) The email was sent from a non-USC email account.

3) The email lacks personalization.

Comments are closed.