Final Attempt!

Date Sent

Phishing Email Description

This phishing email attempts to trick the recipient into thinking email forwarding has been added to their account when they have most likely not done so. It then asks the recipient to click a link to a malicious website that attempts to steal login credentials. This site is highly customized to resemble an official U-M website, and even uses elements stolen from real U-M websites. The fake website redirects through GitHub and Google to try and appear authentic. 

How not to get caught: Always check the URL of the login page before logging in. The real U-M login page is https://weblogin.umich.edu. If you are already logged in, it will redirect you to Wolverine Access.

Phishing Email Text

IMPORTANT!!
 
 
All email sent to ”[email protected] ” will now be copied to “[email protected]”.

If you haven't set up email forwarding, cancel below, If this was you, you don't need to do anything.
 
Cancel Forwarding
 
 
You received this email to let you know about important changes to your  umich.edu Account and services.
© 2023 Administrator, 1600 Amphitheatre Parkway

Phishing Email or Site Screenshot
Image of a fake U-M login page, including details stolen from real U-M pages. You can tell it's fake by the URL, which is incorrect. The real U-M login page URL is weblogin.umich.edu .

Some U-M community members reported receiving this email. It is fraudulent or malicious. Do not respond, click any link in it, or provide personal information or money. See Phishing & Scams for more tips. If you need help, contact the ITS Service Center.