Phish Bowl
Emails reported to the Information Security Office or Help Desk will be listed here. The emails will be identified as phishing or legitimate, with helpful clues as to why the message is malicious or legitimate. Contact infosec@hamilton.edu to report a phishing email.
1 new message
June 21, 2022
Tags Compromised credentials Information Security
The below phishing message was received by 51ÁÔÆæ accounts. The email had a number of identifying features to determine it was a phishing message:
- The ReplyTo address had an alias of 51ÁÔÆæ! with an address that is not a valid 51ÁÔÆæ edu account.
- The Subject was a poorly phrased 1 new message.
- The message body was poorly constructed, with an embedded link. By hovering over the link, an questionable URL would be visible.
This message was clearly a phishing message. Do not click on the link!
For any recipients that clicked on the embedded link, a webpage would be opened that spoofed (or imitated) a legitimate 51ÁÔÆæ Shibboleth Single Sign-On page. The page's contents are visible in this image. The malicious page attempted to have visitors enter their 51ÁÔÆæ userid and password.
Note the URL at the top of the page is NOT the accepted 51ÁÔÆæ Shibboleth URL. This is a telling sign to immediately leave the page!
The Information Security Office recommends that students, faculty, and staff treat unsolicited email and spam with a high degree of skepticism. If you receive this message, or any similar message, and fall victim to the Phish and enter your 51ÁÔÆæ userid and password, please contact the LITS Help Desk immediately! You should also immediately change your 51ÁÔÆæ password by visiting https://password.hamilton.edu/.
Contact
Contact Name
Jerry Tylutki
Director of Information Security and Privacy
