Phishing Warning 2014-08-18
Many users have reported receiving the following phish. If you have received the phish, do not click the link or reply to the message. If you have replied, followed the link, or supplied login information, change your USC password as soon as possible by going to the ITS website at http://itservices.usc.edu and clicking the link called Change Your USC Password.
From: Administrator <firstname.lastname@example.org>
Subject: Your mailbox has been temporally suspended
Date: August 18, 2014 at 7:07:20 AM PDT
We recently detected an unusual activity from your email account, hence your mailbox has been temporally suspended by the system administrator, please recover your account by clicking on the following link OR copy to your browser: http://webmail.byethost8.com/email/update/webmail_administration/accountsupportlogin.htm
As a result to this, you might receive this message in your spam folder, kindly move it to your inbox and click the link.
We apologize for the inconvenience.
Note several features that indicate this is a phish:
- The email asks you to follow a link to a non-USC website. You should never enter your USC credentials on a non-USC webpage, especially when directed there by an unsolicited email.
- The email was sent from a non-USC email account.
- The email contains multiple grammatical errors, misused words, and awkward phrasing.
- The email lacks personalization.