User menu

Menu

Main menu

Recent Phishing Examples (Lehigh)

Fake Upgrade Alert (again)

This message is a version of the same scam we have seen before. The screenshot shows that, depending upon your mail client, and whether it blocks images, the message can look slightly different. Note that the link, which purports to go to http:/www.lehigh.edu/ltsNews (this URL does not exist and is not even correctly-formed, as the slash following the colon should be two slashes) actually goes to http://www.123contactform.com/form-580146/Lehigh.

Fake Upgrade Alert (again)

"Violation Security Breach"

This email tells you that your webmail has been infected with a dangerous virus. It is a fake.

"Violation Security Breach"

Fake "Verify Mailbox and Increase Quota" Alert

This email tricks you into thinking there is a problem with your mailbox and quota and encourages you to click the link to fix it. Do not click on the link. Note also the improperly sized Lehigh graphic. This email should be regarded as SPAM and deleted.

Fake "Verify Mailbox and Increase Quota" Alert

Fake "Account Update" Alert

This email implies that as a result of an upgrade, you need to log in to your account to check out the "effect". It provides a link to the supposed login page (LTS would not do this--users should know where the login page is, and should know not to click on links in email messages). Notice that this link goes to a page in a non-Lehigh domain (the page looks very much like our portal login page--but if you pay attention to the web address, it can't possibly be a Lehigh page). This email should be regarded as SPAM and deleted.

Fake "Account Update" Alert

Fake Portal Login Page

This is the fake portal login page that the fake "Account Update" alert message links to. It looks almost perfect. But notice the address, "chriscomport.com". This page is not real and you should not enter any information whatsoever into this page.

Fake Portal Login Page

Fake "Security Breach" Alert

This email is quite similar to yesterday's fake Upgrade Alert message, even using the same Subject line. However this message attempts to create a sense of urgency by claiming that your account will be closed if you take no action. That should be a red flag, as LTS will never threaten you with account closure. Also notice that the link at the bottom of the email is pointing to a non-Lehigh domain. This email should be regarded as SPAM and deleted.

Fake "Security Breach" Alert

Fake Upgrade Alert

This email purports to be a notification from LTS about upgrades to the Lehigh web-mail servers. As a security precaution, Library and Technology Services no longer sends emails with links in them. If you get an email claiming to be from us, and directing you to follow a link, you may safely assume it is fraudulent, and should delete it immediately.

Fake Upgrade Alert

Fake "Irregular Action" / Verify Address Alert

This clever phishing example looks like it is from Lehigh. If you hover over the link, notice that the server address - the part between the double-slash and the next slash - is not the lehigh.edu domain (it starts out like a Lehigh web address, but it actually ends with "beverlyblackburn.com"!). Very tricky. If you were to follow this link (DON'T), you'd see a fake webmail login page (shown elsewhere in this list). NOTE: LTS will not send links in email, and we will not ask for your password!

Fake "Irregular Action" / Verify Address Alert

Fake Lehigh Webmail Login

This web form is attempting to look like a Lehigh secure web page. Note that the web address (URL) is not in the lehigh.edu domain.

Fake Lehigh Webmail Login

Fake Lehigh LTS Account Compromise Alert

This clever phishing example looks like it is from Lehigh LTS - note that if you hover over the link, it is not the lehigh.edu domain. NOTE: LTS will not send links in email, and we will not ask for your password!

Fake Lehigh LTS Account Compromise Alert

Fake Lehigh Account Information Form

This web form is attempting to look like a Lehigh secure web page. Note that the web address (URL) is not the lehigh.edu domain. There are also a number of misspelled words, including Lehigh.

Fake Lehigh Account Information Form