Phishing Email Summary
This phish may be sent to an individual or to a group, and may reference an MCommunity group name. This phish attempts to trick the recipients by claiming that their U-M password will expire. A link in the phish takes the recipient to a fake login page designed to steal credentials.
Ways to spot that this is a phish include:
- It is sent from a spoofed address. A close examination shows the sender address does not match the display name and the email is not actually from a umich.edu address.
- It directs users to a non-UM (fake) login page. You can spot this fake by examining the URL. The real U-M weblogin page is https://www.weblogin.umich.edu.
Text as well as screenshots of the phish appear below.
Phishing Email Text
umich.edu server notification
Dear [department name removed] ,
The password to your email [department name removed] @umich.edu is expiring on 01/06/2021 07:36:48 pm
You are required to use below to keep same password otherwise access to your mailbox will be denied.
Keep Same Password [link removed]
Connected to Owa
© 2020 umich.edu Corporation. All rights reser