New Malicious Email with Fake Penn login
Below is a letter from the Senior Director of Computing regarding a new malicious email. Please be on the lookout for this message. Always double check before clicking on a link in an email! Also, always feel free to forward a questionable message to firstname.lastname@example.org and we will verify its validity.
To: SAS Faculty and Staff
From: Warren Petrofsky, Senior Director SAS Computing
Re: Malicious Fake Email Today
This afternoon you may have received a malicious fake email claiming to be from the “Technology Service.” It provided a link that looked like a Penn website but really went to a malicious external website, and asked you to login with your Pennkey and Pennkey password. I have attached an image of what the fake email looked like. The goal of such email is to collect your username and password and later use them for malicious purposes such as stealing data or changing where your direct deposit goes.
If you clicked on the link in the email please let me or your LSP know immediately.