Example of a Phishing Email

Example of a Phishing Email



Below is an example of a phishing email.  Phishing emails aim to steal personal information, such as your account credentials, through the guise of a trusted source.  There are usually a few signs that give these away as 'phishing' attempts.  If ever you question the legitimacy of an email or have questions about your ECSU email account, you can contact the Helpdesk at 335-3532.  If you believe you may have responded to an email like this one please change your password as soon as possible.



Phishing Example


A good sign that this is a phishing attempt is the link itself.  When you hover your mouse over it, you can see that it points to a URL that is not associated with ECSU.  


Phishing Example URL


You can see the link goes to a 123contactform.com site, containing the form below.
ECSU will never ask you for your account password in a form like this.


Phishing Form


Another good sign that this is a phishing attempt is the warning at the bottom of the message:


Phishing False Warning

This kind of warning with an unreasonably short window for response and harsh penalties for non-compliance is intended to scare you into filling out the form as quickly as possible without considering the source or truth of the message.
Note also the poor phrasing and misspellings used throughout the message.