Phishing Email Summary
This phishing email attempts to trick the recipient by claiming that there have been unauthorized attempts to log in to their email account. It threatens disabling of the account if action is not taken, and it also impersonates a U-M account by using the signature "University of Michigan Administrator." Links in this phish direct the recipient to a fake U-M weblogin page. The page uses stolen graphics and design elements in order to look very similar to the real weblogin page.
The best way to spot this phish as a fake is to check the URL of the fake weblogin page it directs to. Sending addresses and graphics can be faked or stolen, so examining the URL is the best way to avoid this trap. The real weblogin page is: https://weblogin.umich.edu/ . If you have already authenticated, going to https://weblogin.umich.edu/ should redirect you to Wolverine Access.
Phishing Email Text
Dear umich.edu mail user,
We've noticed an unauthorized login attempt to your mailbox. and your email account will be temporarily disabled by the System Mail administrator
CLICK HERE To validate your account being disabled.
Thanks for helping us protect you.
University of Michigan Administrator