This phish uses scary tactic to get the user to take action to click on the link. The subject of the email is very generic, link is also external to UVic, it has formatting errors, no signature. The phishng link will clearly ask for the password as its mentioned in the email body, keep in mind, UVic will never ask for your password. All these are phishing signs. Even if the phish is being sent from an internal address doesn’t necessarily means it is trustworthy, one still needs to pay attention to the phishing signs as the sender address could be spoofed.
Always think and look for red flags in an email before taking an action. Whenever in doubt contact helpdesk.
Subject:Authenticator To Helpdesk!!!
Sender: [redacted sender name]Your University Of Victoria Microsoft account has been filed under the list of accounts set for deactivation due to retirement/graduation/or transfer of the concerned account holder. But the record shows you are still active in service and so advised to verify this request otherwise give us reason to deactivate your university account, We expect you to strictly adhere and address it.
you are advised to keep the same password using the button below to avoid losing your data. kindly indicate if you only have one office 365 email.
(Copy and paste the URL Below into the address bar of your web browser.)
[redacted phish link]
NOTE:KEYWORD Means password
Please note the one-time submission and entry only..