This email, which purports to be from the "Help Desk®" with the subject "Your Mailbox" claims that you need to update and verify your Webmail certificate. It will ask you to click a link within the email to provide your credentials. This is NOT legitimate! You will never be asked by LTS to provide your credentials through a direct link within an email. Please delete this email or any similar email that hits your inbox.
Fake Webmail Security Message
Tuesday, March 3, 2015 - 08:15
This email is NOT legitimate. It purports to be from the "Lehigh University Webmail Management Team" warning about an account break-in attempt. The link in the email is an attempt to steal usernames and passwords. Do NOT click the link. This message should be discarded with no further action. If you have clicked the link and supplied information, please change your password immediately.
Fake Trojan Horse Warning
Monday, August 25, 2014 - 09:47
This is a relatively straightforward phishing example. Note that the link address (which isn't hidden in any way) is not in the "lehigh.edu" domain, but in "webs.com". And Lehigh is misspelled.
Lehigh University Portal
Monday, August 18, 2014 - 09:12
This message is an attempt to obtain your credentials through claiming your email has exceeded its memory size and requests you to upgrade your mailbox by clicking on the listed link. Do NOT click on the link! You can always verify your own quota limit by going to your account page (www.lehigh.edu/account) and checking quotas under mail management.
IT Services and Operations (Fraud)
Monday, July 8, 2013 - 00:00
This message fraudulently tells the you, the recipient, that the webmail server has been upgraded and that you should click and follow the links to take advantage of new security features. While the text appears to be a legitimate link if you hover over the link you see that it takes you to a non-Lehigh server and likely one that will do harm to your identity or your computer.
Webmail Upgrade Fraud
Friday, June 21, 2013 - 00:00
This message indicates that you are using more space for web mail than you have been allocated. It threatens that unless a link is clicked to upgrade the account, the account holder will be unable to receive email. Notice that the message is signed "Admin Help Desk" (no such thing), refers to "email labs" (again, no such thing), and that the link points to someplace that is not lehigh.edu. Clicking the link can result in having your account credentials compromised. This email should be regarded as SPAM and deleted.
Account Security Breach Violation
Thursday, June 13, 2013 - 00:00
This message purports to be a "Lehigh Web Notice" about a security breach to your account. It threatens that unless a link is clicked to verify the account, the account holder will be unable to send email. Clicking the link can result in having your account credentials compromised. This email should be regarded as SPAM and deleted.
Fake Upgrade Alert (again)
Thursday, May 16, 2013 - 00:00
This message is a version of the same scam we have seen before. The screenshot shows that, depending upon your mail client, and whether it blocks images, the message can look slightly different. Note that the link, which purports to go to http:/www.lehigh.edu/ltsNews (this URL does not exist and is not even correctly-formed, as the slash following the colon should be two slashes) actually goes to http://www.123contactform.com/form-580146/Lehigh.
"Violation Security Breach"
Tuesday, April 30, 2013 - 00:00
This email tells you that your webmail has been infected with a dangerous virus. It is a fake.
Fake Upgrade Alert
Thursday, April 18, 2013 - 00:00
This email purports to be a notification from LTS about upgrades to the Lehigh web-mail servers. As a security precaution, Library and Technology Services no longer sends emails with links in them. If you get an email claiming to be from us, and directing you to follow a link, you may safely assume it is fraudulent, and should delete it immediately.
Fake Lehigh Webmail Login
Thursday, April 4, 2013 - 08:00
This web form is attempting to look like a Lehigh secure web page. Note that the web address (URL) is not in the lehigh.edu domain.