While we won’t be fishing in the Susquehanna anytime soon, “phishing” at Bucknell from non-legitimate sources is always in season.
This morning many of us received a variant of the following message:
———- Forwarded message ———-
From: lkassel <firstname.lastname@example.org>
Date: Thu, Feb 13, 2014 at 9:40 AM
Subject: Storage Limit Exceeded
Your bucknell Mailbox has exceeded its available storage capacity. To upgrade your mailbox to a larger and better storage, you are to click the link as follows and provide the information needed therein http://www.casquinhaeventos.com.br/form/forms/form1.html
Failure to comply within 48hrs will result in the de-activation of your account.
bucknell Help Desk
© 2014 bucknell University
This is a great opportunity to educate ourselves on what to look for in a phishing email. This message shows a number of signs of a scam:
1. Who is “lkassel <email@example.com>?”
2. Some of the grammar and punctuation throughout the email leaves a little to be desired. For example, “Your bucknell Mailbox…” “Bucknell” is a proper noun–at least, more so than “Mailbox.”
3. The URL you are invited to visit–www.casquihaventos.com.br–is a bit “phishy,” don’t you think?
4. If you actually visit the site (which we DO NOT recommend), someone made what appears to be a juvenile attempt at a website asking for your username and password. It looks nothing like any of the websites Bucknell hosts.
5. WE WOULD NEVER ASK YOU FOR YOUR USERNAME AND PASSWORD IN AN EMAIL.
6. Looking at the signature, who is “bucknell Help Desk” and why is there a need to include a copyright on it? A Bucknell staff member always signs our emails. Oh, and again we typically capitalize the proper noun “Bucknell.”
Hopefully few, if any, have fallen for this scam. However, if you or someone you know did we strongly encourage you to change your Bucknell password immediately.
As always, if you have any further questions or concerns please contact Tech Support at firstname.lastname@example.org or by calling 570.577.7777.