Phishing Alert: [name], You Have Held Messages

Some U-M community members reported receiving this email. It is fraudulent or malicious. Do not respond, click any link in it, or provide personal information or money. See Phishing & Scams for more tips. If you need help, contact the ITS Service Center.

Date Sent: 
Monday, February 8, 2021

Phishing Email Summary

The subject and text of this phishing email will likely be customized with the recipient's name.

This phishing email attempts to trick the recipient into following links that lead to a fake U-M login page. The phish claims that there are messages being held back that the recipient will only receive by logging in to the fake page.

There are a number of ways to spot this phish:

  • The university email system does not hold messages in the manner. 
  • The links in the phish redirect to non-UM sites.
  • The fake login page has an incorrect URL.

Do not enter your U-M credentials into any login page without checking the URL. The real U-M weblogin page is: https://weblogin.umich.edu/ 

Phishing Email Text

 Email quarantine notification for "uniqname@umich.edu".

10 messages, addressed to you are currently on hold awaiting your further action. You can release all the held messages and permit or block future emails from the senders, or manage message individually.

Review all     Release all     Block all

Further information:

Receiver:  uniqname@umich.edu

Held Messages: 10

Time and Date held: 08-02-2021, 09:30am
The system generated this notice on 08-02-2021, at 09:30am.

Do not reply to this automated message.

Phishing Email or Site Screenshot: 
Screen shot of fake login screen. Remember to check the URL before entering your U-M credentials on any page.