Phishing Email Summary
This phishing email attempts to trick recipients by claiming to contain a document for their review. The phish links to a fake Outlook Web Access login page designed to steal user credentials. If you receive similar email:
- Do not open or download unexpected attachments, especially if you do not know the sender.
- Check with the sender if you know them but didn't expect the message or attachment.
- Check the URL before you log in to any site to make sure it's not a fake.
A text only example of the phishing email is given below, as well as a screenshot of the email as originally formatted, and a screenshot of the fake Outlook page.
Phishing Email Text
Citrix Attachments for umich.edu
User: [uniqname removed]
Expires July 21, 2020
Trading Platforms For Approval.xlsx
1.9 MB
Download Attachments
umich.edu uses Citrix Files to share documents securely.
![Screenshot of the originally formatted phishing email. This email was formatted as a table with links in it.](https://safecomputing.umich.edu/sites/default/files/Screen%20Shot%202020-07-16%20at%204.32.51%20PM_0.png)
![Screenshot of the fake Outlook login page. Always check the URL of a page before logging in.](https://safecomputing.umich.edu/sites/default/files/1%20Screen%20Shot%202020-07-15_1.png)