UMICH

Date Sent

Phishing Message Summary

This phishing email pretends to be from U-M email administrators, and threatens disruption of email services if a configuration change isn't made. The poor formatting, unclear message, and attempt to rush the user to take action are signs this is a fake. The fake weblogin site this phish links to has an incorrect URL. The real U-M weblogin site is https://weblogin.umich.edu .

Phishing Email Text

Attention UMICH=C2=A0User;=C2=A0=C2=A0 =C2=A0Your UMICH=C2=A0Account Certif=
icate expired
on 01/08/2019, and this can disrupt your Email delivery configuration
and POP Account settings.=C2=A0 =C2=A0=C2=A0To re-register your UMICH=C2=A0=
Account
Certificate, please take a second to update your records by following
the link below (You have to do this within the next 20mins as the link
expires in 4hr):=C2=A0 =C2=A0Click here to log on [1]=C2=A0 =C2=A0Once the =
information
provided matches our records, your=C2=A0 UMICH Account will function
normally after the verification process, and your UMICH=C2=A0Account
Certificate will be re-vested.=C2=A0 =C2=A0=C2=A0 =C2=A0=C2=A92019 UMICH=C2=
=A0Team Help Desk

-------------------------
Email sent using Optus Webmail

Phishing Email or Site Screenshot
A fake U-M login site is presented by the link in the phishing email. The fake site has an incorrect URL.

Some U-M community members reported receiving this email. It is fraudulent or malicious. Do not respond, click any link in it, or provide personal information or money. See Phishing & Scams for more tips. If you need help, contact the ITS Service Center.