User menu

Menu

Main menu

Recent Phishing Examples (verify-validate)

Fake Virus Alert Warning

This message, with a bogus link to "lehi.yolasite.com", is not legitimate. Do not click on links to non-Lehigh sites (something other than "lehigh.edu"), never give out personal information (SSN, credit card numbers) or provide credentials (such as username or password), and do not reply to unexpected spurious messages.

Fake Virus Alert Warning

"ITS Web Upgrade"

This message is a repeat (look back in the archive to April 30, 2013). The "From:" address has been forged, but that fact doesn't mean much. Email addresses can't be counted on as an indication of a message's validity. The real key is that the link directs you to a web address that has nothing to do with Lehigh (http://myshoponline.net/wp-admin/includes/webmail/). Not only didn't Lehigh send this, it isn't a reasonable imitation of anything we actually would send. Delete it.

ITS Web Upgrade

Irregular Activities Verification

This message contains an attached web form for you to provide personal information (including credit card accounts). The form also contains Javascript, which will capture additional information. As with all such messages, do not open the attachment and do not submit personal information into any forms sent to you by email. Note that although this claims to be from a bank, the sender is a Lehigh address. The listed recipient is the same Lehigh address, and you are only getting a blind courtesy copy (BCC:), so your name and address don't even appear.

Irregular Activities Verification

Banking Information Form

This is the form included with the "Irregular Activities Verification" scam message.

Banking Information Form

Fake "Verify Mailbox and Increase Quota" Alert

This email tricks you into thinking there is a problem with your mailbox and quota and encourages you to click the link to fix it. Do not click on the link. Note also the improperly sized Lehigh graphic. This email should be regarded as SPAM and deleted.

Fake "Verify Mailbox and Increase Quota" Alert

Fake "Irregular Action" / Verify Address Alert

This clever phishing example looks like it is from Lehigh. If you hover over the link, notice that the server address - the part between the double-slash and the next slash - is not the lehigh.edu domain (it starts out like a Lehigh web address, but it actually ends with "beverlyblackburn.com"!). Very tricky. If you were to follow this link (DON'T), you'd see a fake webmail login page (shown elsewhere in this list). NOTE: LTS will not send links in email, and we will not ask for your password!

Fake "Irregular Action" / Verify Address Alert