March 24, 2025
¾«Æ·³ÉÈ˸£ÀûÔÚÏß University Payment Returned.
Posted in: Spear Phishing
Why this looks valid:
- Email is coming from an internal email address
- ¾«Æ·³ÉÈ˸£ÀûÔÚÏß University logo is used
- Email name is ¾«Æ·³ÉÈ˸£ÀûÔÚÏß University
- Link within email is showing as MSU website
Why this is phishing?
- Email address is a personal MSU account
- Sense of Urgency: Stating you’ll lose access to you account
- Link is actually malicious and not associated with MSU. Using the hover over technique it points somewhere else.
- Spelling: Attacker uses “C*V*V #” on the malicious website instead of CSV
- Personally Identifiable Information (PII): Attacker is requesting SSN
Additional Notes:
- Do you think you’ve fallen for a scam? Did you share personal information? Downloaded malicious content? Please contact the IT Service Desk at 973-655-7971Â option 1 or email itservicedesk@montclair.edu.
- Please send any malicious emails you have received to phishfiles@montclair.edu or by clicking the Knowbe4 Phish Alert Button (PAB).
- Always use the “hover over” technique to check web links before clicking! For more security tips please visit our Security Tips page.