Spear Phish Targets USU
At about 10:30 this morning (July 1) we received about 250 copies of a rather authentic looking email apparently from firstname.lastname@example.org announcing an updated email service with improved security. A link to an authentic looking Outlook/Office365 login page was provided on a hacked webserver in Australia.
The message was very nicely customized for USU, except that they left one line indicating that they had previously attempted a similar scam against Texas Tech University. The spammer had just over 250 USU email addresses, with very few old addresses.
Applying the "Skeptical Hover Technique" to "this link" revealed that the link actually went to a hacked webserver in Australia: http://wrn.fridayflowers.com.au/eml/usu/login. That page looked like this:
Would you have been fooled or are you an Internet Skeptic?