Re: IT Servicedesk

Outlook upgrades and migrations are a popular theme for phishes. Here are some red flags that you can use to conclude that this email is a phish:

  • The sender is not from UVic
  • The message instills a false sense of urgency and threatens you with an adverse impact
  • There are some (relatively subtle) issues with capitalization, punctuation and grammar
  • The signature is very generic and does not mention UVic
  • Hovering over the link will show that the URL does not go to UVic or Microsoft

Notification

This otherwise simple phish was sent in large numbers to UVic users yesterday, Sep 5th, and there could be more coming today. The usual tactic is used: creating a sense of urgency, as if your account is going to be terminated. The sender could be external or a spoofed internal one, but the link points to an external web provider.
Note that malicious actors sometimes register domains, or use subdomains of existing providers, that include the string “uvic” in order to imply legitimacy.
Our top domain is uvic.ca, whereas in cases like www.uvic.a1.biz the top domain is a1.biz, which has nothing to do with UVic.
Please don’t be curious and do not click on these links. Usually their goal is to steal your credentials, but sometimes they may contain malware to infect your computer instantly. Our experts open them in dedicated isolated environments.
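
The domain comparison described above, as an added example (not UVic's own tooling): it reads a link's hostname from the right and accepts it only when the final labels are exactly uvic.ca, so a hostname that merely contains "uvic" is flagged. Every sample link other than www.uvic.a1.biz is constructed, and the category names are assumptions of this example.

```python
from urllib.parse import urlsplit

# Assumption for this example: uvic.ca is the only domain treated as UVic's own.
TRUSTED_DOMAIN = "uvic.ca"
BRAND = "uvic"

def link_host(url):
    """Return the lower-cased hostname of a link, or '' if none can be parsed."""
    if "://" not in url:
        url = "//" + url  # lets urlsplit treat "www.uvic.ca/x" as host + path
    try:
        host = urlsplit(url).hostname or ""
    except ValueError:
        return ""
    return host.rstrip(".").lower()

def classify_link(url):
    """Classify a link as 'uvic', 'lookalike', 'external' or 'unparseable'."""
    host = link_host(url)
    if not host:
        return "unparseable"
    labels = host.split(".")
    trusted = TRUSTED_DOMAIN.split(".")
    # Compare whole labels from the right: www.uvic.ca ends in [uvic, ca],
    # www.uvic.a1.biz ends in [a1, biz], notuvic.ca ends in [notuvic, ca].
    if labels[-len(trusted):] == trusted:
        return "uvic"
    # "uvic" somewhere in the hostname without the uvic.ca ending is the
    # implied-legitimacy pattern: report it separately from other links.
    if any(BRAND in label for label in labels):
        return "lookalike"
    return "external"

# Constructed sample links, except the a1.biz case quoted in the notice.
SAMPLE_LINKS = [
    "https://www.uvic.ca/systems",
    "http://www.uvic.a1.biz/login",
    "https://uvic.ca.example.net/",
    "https://notuvic.ca/",
    "https://example.org/uvic",
]

if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        print(f"{classify_link(link):<10} {link}")
```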

Important Notice

Many of you might have received this phish this morning. Some might have received it from a different sender than the one in the image. This is a high-volume phish.

The content of the email uses the usual phishing tactic: creating a sense of urgency by claiming that your incoming emails are pending and can be recovered by clicking on the link. The link given is an external link (check by hovering over it), which would never be the case in a genuine scenario. The sender address is external, the salutation is generic, and the signature is fake.

Never click on links just because the email says so. Always think about what the message would look like if the situation were genuine; that makes it easy to spot the phishing signs. Whenever in doubt, confirm with the helpdesk or your DSS.