Phishing message of March 4th, 2014

The morning of March 4th, 2014, a "phishing" email message was sent to many SEAS email accounts. A phishing message appears to be from a trustworthy person but is actually an attempt to acquire private information such as passwords.

The email that was sent had the subject line "Hello fellow students" and appeared to be sent from a SEAS student. It contained the link "http://wabmail-seas-upenn-edu.webs.com/".

Upon learning of the phishing attempt, we blocked this email at our gateway. We also blocked SEAS computers from accessing the malicious website (via a change to our DNS server).

In general you should be very hesitant to click on links that are sent to you in an email. While you might recognize this particular message as fraudulent by its unsolicited advertisement of a tutoring services, attackers are getting more sophisticated all the time. For example, this attacker clearly did some research and used the "From" information of an active SEAS user.

This article gives more information about avoiding these kinds of tricks.

Note: A similar phishing message was sent to SEAS users on February 17, 2014.

If you did click on the link, please contact CETS (cets@seas.upenn.edu) so we can help make sure your information is secure.

Levine Hall, Room 164