Malicious email alert: UW acct phishing email

Another phishing email targeting UW email acct.

It initially appears to contain a link called “Click on show images to read secured message” (see image 1 below). In some email applications, clicking the link will take you directly to a malicious website. In other applications, it will turn into an image (see image 2 below), which is itself a link. If you then click anywhere on the image, it will go to a malicious website.

phish1

phish2

Another thing that is notable about this email is that the link includes washington.edu and uw.edu. However, it does not go to a washington.edu or uw.edu website.

Let’s break this web address down into its components: domain, directory, and webpage.

link

Of the 3 components, the one you need to check is the domain. In this example, we can see it is NOT a washington.edu or uw.edu domain and is therefore not a legitimate UW website.

The directory and webpage components do contain washington.edu and uw.edu, but this does not matter. These components can be named anything.