Over the weekend of August 23, 2008 roughly 600 phishing emails were sent to University of Illinois email accounts. In two different messages, identity thieves tried to trick people into giving away the details of their University of Illinois email accounts.
The easiest way to spot the phishing attempt is to understand that the University of Illinois will never ask for your password over email. Any email that asks for your University of Illinois passwords should be ignored. In addition to asking for the recipient's password, the emails included several other common characteristics of phishing attempts.
CITES Security has gone through each email and highlighted the gaffes that made spotting these phishing attempts possible. Whether you caught them right away,
didn't realize the emails were fake, or didn't even receive the emails, it is a good idea to go through these two screen captures of the offending emails in order to understand how to spot future phishing attempts:
Explanation of the first phishing attempt
Explanation of the second phishing attempt