I recently received an email from someone who claimed to represent the technical support of my alma matter, Virginia Tech. The email was obviously a standard phishing email. I provide the email below for your reference.
Dear VirginiaTech E-mail Subscriber,
This is to inform all Subscribers that our server upgrade/maintenance is scheduled for June 30 2011. You may experience login problems during this period. We are having congestion due to various anonymous account registrations and on this note, we are deactivating some accounts that are no longer active and your account may be deactivated if no action is taken.
To confirm and keep your E-mail account active during and after the upgrade and maintenance, you are advised to login immediate!! ly using the account login vt.edu/impaccupdateportal (I have removed the hyperlink so as not to support their website).
Your E-mail account will remain active after we have successfully upgraded our server. This is to help us serve you better. We apologize for any inconvenience. Thank you for your swift response to this notification.
VirginiaTech Technical Support Team
The first thing you need to know is that an email provider will never ask you to send them your password or send you an email with a link to “re-authenticate” your account. These two items are dead giveaways. If you find them in an email, you should immediately suspect foul play.
I hovered my computer’s mouse over the hyperlink included in the email, and, sure enough, it did not point to a Virginia Tech address. Here is the url of the link included in the email http://220.127.116.11/~dorothe/authentification/account.html.
Clearly, the url has nothing to do with Virginia Tech. Having confirmed this, I then did a whois on the base IP, 18.104.22.168, to see who owns it. Whois returned LeaseWeb, a hosting company based in Amsterdam, as the owner of the IP. It also provided an address for reporting abuse.
If you receive a similar email, please take the time to report their abuse. We should make sure that our less tech savvy colleagues do not fall for this scam.