Server Error: Incoming messages placed on hold..........
These are some examples of phishing emails seen on campus. Do NOT assume a suspect email is safe, just because it is not listed here. There are many variants of each, and new ones are being sent out each day.
Review your activity.
Hover over the link to uncover the lure.
New Messages From Stanford Canvas Team
Canvas
The Stanford Canvas team posted five new messages on your Canvas dashboard that requires immediate attention.
Login to Canvas
Thanks
Stanford Canvas Team
New message for <user>@stanford.edu
Another phishing email looking for your SUNet password. Never click on links without validating URL.
Dear <user>@stanford.edu,
You have a new messages regarding to your SUNet ID.
View message
Stanford/message/SUNetID -> link to fake login page
© Stanford University
from (370) 058-7618 - random numbers that apper to be phone numbers
Carries a malicious attachment.
From: "stanford.edu Missed incoming Audio Message...." <nkiersz@stanford.edu>
Date: Thursday, November 21, 2019 at 10:46 AM
To: user <user@stanford.edu>
Subject: from (370) 058-7618
Duration - {00:59} secs.
Access locked: Server Error
Phishing emails using a compromised SUNet id. Hovering on the link reveals the malicious URL.
From: Stanford University <compromised@stanford.edu>
Sent: Wednesday, November 20, 2019 8:44 AM
To: user <user@stanford.edu>
Subject: Access locked: Server Error
Due to a server error on your e-mail, (user@stanford.edu) (7) incoming messages were delayed.
Log on to your portal to recover your delayed messages
Recover Delayed Messages
2019 Message Center
from <random phone number>
Attachment that mimics a sound file but it is really a HTML page. Leads to a credential harvesting page.
From: Scott Spain <sspain@oreganos.com>
Sent: Thursday, November 14, 2019 2:42 AM
To: user@stanford.edu
Subject: from (671) 322-3152
Duration - {00:59} secs.
Time - 14-Nov-2019 05:42:15
