This phish started arriving in the early hours today. The sender display name is formed by attaching _mail.com to the recipient netlinkID. Perhaps the malicious actor thought this would make it look more legitimate?! The actual sender’s address is external. Then they use the netlink and the email address of the recipient in the body of the message to make it more convincing.
The goal is the same as usual – to steal your UVic credentials. For this purpose they created a fake UVic page – an exact copy of the real one. Please do not be curious and do not click these links, as sometimes they may contain malware to infect your computer instantly. Our experts open those in dedicated isolated environment.
