Phishing Message Summary
This phish immitates U-M IT and tries to convince recipients to enter their credentials in a fake login page by offering an upgrade in email service. The "from" field may be forged to show it comes from a umich.edu address. This fruad can be most easily spotted by looking at the URL it links to. The URL shown in this example is a fraud, the real U-M weblogin address is https://weblogin.umich.edu . The fraudulent URL may be customized to show the recipients' email address.
Phishing Email Text
This notification is prompted to have your account updated to our new mail
server upgrade. Upgrade is to improve our security and new mail
As an active user, use the link below to access and submit ticket for
http:// weblogin - umich - edu [.]cf/ [link removed]
For security reasons, the upgrade portal link will expire within 20 days.
Notice: To esure your receive future email as maintenance/update
notification, make sure your account is updated.
IT Support System