This email was sent out on 07/12/2017 trying to steal email address login information. It shows an example of what a potential phishing attempt may look like.
Explanation
There are a couple of initial red flags just after reading the email, even without further investigation:
- To avoid being block click on the link
- This grammar is terrible for an automated message.
- Click Here To Validate
- "Click here" links in emails should always be avoided.
- Oregon State University Webmaster Email Technical Support
- We're just the "Service Desk"
Here are some additional ways we can tell this email is fake:
Sender Address
The sender is not even close to an admin email from Oregon State, it doesn't even say @oregonstate.edu. Keep in mind that even if an email address is an @oregonstate.edu email address, that doesn't make it safe. Email addresses can be spoofed and manipulated to seem like legitimate emails, even when they are not. That is why it is important to look at the context of the email and any hyperlinks in it.
Hyperlinks
The validation email link does not go to an Oregon State, but instead goes to a seemingly random "webhostapp" page. Logging in here will do nothing but give someone your account information.
Even their "www.oregonstate.edu" link doesn't even go to Oregon State University, but instead goes to the malicious web page.
Resolution
Forwarding the email to phishing@oregonstate.edu helps to get the email sender blocked on our system faster.
- Look up the relevant article for your email system for the proper way of submitting the email.
- Forward the email to phishing@oregonstate.edu
- Delete the email or place it in a folder for archival persons.
Once you have submitted the phishing attempt and it is processed the sender's email will be added to our block list and they should be unable to send a phishing attempt from that email account again.
Assistance
For assistance, contact the Service Desk.