University of Southern California

Phishing Warning 2016-02-10

Posted on by mbordas

Many users have reported receiving the following phish. If you have received the phish, do not click the link or reply to the message. If you have replied, followed the link, or supplied login information, change your USC password as soon as possible by going to the top of this website and clicking the link called change your password on the top menu bar.

From: user@usc.edu
Date: February 10, 201 at 8:40:02 AM PST
Subject: Helpdesk

Your e-mail account was LOGIN today by Unknown IP address: 103.240.180.228, click on the Administrator link below and LOGIN to validate and verify your e-mail account or your account will be temporary block for sending more messages.

Warm Regards,

Helpdesk Administrator.

Note several features that indicate this is a phish:

  1. The email asks you to follow a link to a non-USC website (uschelpdesk.weebly.com). You should never enter your USC credentials on a non-USC webpage, especially when directed there by an unsolicited email.
  2. The email lacks personalization.
  3. The email includes improper grammar.
  4. While this email appears to have been sent from a USC staff member, the several other phish features suggest that the From: field was spoofed in an attempt to appear legitimate.

Comments are closed.