Colorado State University

I just got this e-mail from Stephen Lovaas (ACNS) who found this great example of a phishing e-mail. He has labeled the lines that should jump out and scream “phishing” when reviewing questionable e-mail (those that contain [PHISHING]). Please check this out, and use this knowledge the next time you get a strange message.

—–Original Message—–

[PHISHING] From: System Administrator [mailto:rawalel@mnstate.edu]
Sent: Sunday, April 19, 2009 2:13 AM
Subject: Mailbox Has exceeded Storage Limit

[PHISHING] Dear Webmail User,
This message was sent automatically by a program on Webmail which periodically checks the size of inboxes, where new messages are received.

Your mailbox has exceeded the storage limit set by your administrator. You may not be able to send or receive new mail until your mailbox size is increased by your system administrator.

[PHISHING] To help us re-set your SPACE on our database prior to maintain your INBOX, you must contact your system administrator by replying this e-mail and enter your:

[PHISHING] Current Username: { } and PW: { } to increase your storage limit.
You will continue to receive this warning message periodically if your inbox
[PHISHING] size continues to exceed its size limit or between 18 and 20 MB.

Thank you for your cooperation.

[PHISHING] System Administrator

This email is intended only for the use of the individual or entity to which it is addressed and contains information that is privileged and confidential.