From: firstname.lastname@example.org <mailto: email@example.com>
On Behalf Of Robyn Hedges
Sent: Thursday, October 01, 2015 5:07 AM
Subject: Re: [PSYSTAFF] ITS Service Desk
The user receives an email claiming their email has been accessed by a third party and to click on a link to authenticate their account. The link goes to a fraudulent site which looks like CSULB's OWA login page. This has been reported as abuse to the website host company. Recipients of this fraudulent email are advised to mark this as junk.
Intent of the Email
The sender is attempting to collect password information to access email accounts for their own malicious purposes.
Figure 1: Screenshot of the phishing email
Figure 2: Screenshot of the phishing site attempting to capture email passwords