Original Phishing Message
From: University of Puget Sound <helpIT[@]pugetsound[.]edu>
Subject: Email Notice
Reply-To: stevj07[@]mail[.]ru
Tips for Detection
- helpIT[@]pugetsound[.]edu is not a valid email address for technology services
- Phishing emails may use a spoofed email address that looks legit, but is not. In this case, the email says it is from a pugetsound.edu address but the reply to address is a completely different address (stevj07[@]mail[.]ru)
- Technology services will never ask for you to provide your password
- The university does not use something called “NOW Webmail”
Text of Phishing Message
From: University of Puget Sound <helpIT[@]pugetsound[.]edu>
Subject: Email Notice
Reply-To: stevj07[@]mail[.]ru
This message was sent automatically by a program on Webmail which periodically checks the size of inboxes, where new messages are received. The program is run weekly to ensure no one’s inbox grows too large. If your inbox becomes too large, you will be unable to receive new email. Just before this message was sent, you had 18 Megabytes (MB) or more of messages stored in your inbox on your Webmail To help us re-set your SPACE on our database prior to maintain your INBOX, you must reply to this e-mail and enter your:
Username (……………..)
and Password (………………..)
You will continue to receive this warning message periodically, If your inbox size grows to 20 MB, then a program on Bates Webmail will move your oldest email to a folder in your home directory to ensure that you will continue to be able to receive in coming email. You will be notified by email that this has taken place. If your inbox grows to 25 MB, you will be unable to receive new email as it will be returned to the sender. After you read a message, it is best to REPLY and SAVE a copy.
Thank you for your cooperation University of Puget Sound
———————————————————–
This message was sent using NOW Webmail, http://nownz[.]co[.]nz