Thanks for everyone that reported and identified the ‘pay dates have been modified’ phishing email this morning. I think our previous phishing simulations and training have really paid off and people seem more conscious of these types of scams.
This was a real phishing attempt that made it through our email filters, and it was NOT a simulation.
- A couple indicators to notice in this email is that it came from a UCR.edu (University of California, Riverside) email address. Not a MSU address and why would UCR email us about pay dates?
- There was a yellow banner across the email to draw attention that this was an external email address and to be extra cautious.
- The multiple asterisks and under case words in the title also draw attention and makes you look twice at the content.
Information Security has removed the email message and deleted it from email accounts that received it. They’ve also blocked the site.
Again, thanks for everyone that caught it!