University of Southern California

New Phishing Warning (November 13)

Posted on by mbordas

Many users have reported receiving the following phish. If you have received the phish, do not click the link or reply to the message. If you have replied, followed the link, or supplied login information, change your USC password as soon as possible by going to the ITS website at itservices.usc.edu and clicking the link called change your password on the top menu bar.

From: Username
Sent: Friday, November 13, 2015 1:14 PM
Subject: Upgrade Your Usc.Edu Account

You have exceeded your University E-mail account limit quota of 250MB and  you are requested to expand it within 48 hours or else your University E- mail account will be disable from our database. Simply CLICK HERE with  the complete information requested to expand your E-mail account quota to  2GB. Your account will remain active after you have successfully confirmed your account to the monitoring Center.

Web Service Team © 2015. All Rights Reserved.

Note several features that indicate this is a phish:

  1. The email asks you to follow a link to a non-USC website (www.123contactform.com/sitename). You should never enter your USC credentials on a non-USC webpage, especially when directed there by an unsolicited email.
  2. The email lacks personalization.
  3. The email includes improper capitalization.
  4. The email includes incorrect information about USC’s email storage. Up-to-date information is available at itservices.usc.edu/office365 (for faculty and staff) or itservices.usc.edu/google (for students).
  5. While this email appears to have been sent from a USC staff member, the several other phish features suggest that the From: field was spoofed in an attempt to appear legitimate.

Comments are closed.