Original Phishing Message

NOTE: If you received this message, simply delete it and do NOT click on the link. This message is NOT legitimate.

From: Aishwarya Chandrasekaran <axc1237[@]student[.]bham[.]ac[.]uk>
Subject: Attention !!

Tips for Detection

The language implies a sense of false urgency
The link leads to a malicious website. Always hover over links to see where they lead.
This sender is an individual from outside the university — note the sending address.
Legitimate notices about password expiration will begin 14 days prior to the impending password expiration. You will never be asked to click on a link to keep your password or stop password expiration.
Remember – do not share your credentials with anybody or enter it on online forms.

Where did the link lead?

The link led to a fake Webmail login page. Notice the URL is bugle-clownfish-syhb[.]squarespace[.]com. Do not enter your university credentials on sites you do not recognize.

Text of Phishing Message

From: Aishwarya Chandrasekaran <axc1237[@]student[.]bham[.]ac[.]uk>
Subject: Attention !!

Attention !!

Your password will expire in 24hrs, to stop this Click Here

Puget Sound Information Security

Do your part. #BeCyberSmart

Phishing from 9/14/2022: “Attention !!”

Tips for Detection