Phishing Attack - "Important Message" (April 18, 2014)

A new phishing attack in circulation this morning, purportedly from "Duke Webmail Service" is prompting recipients to click a link to reconfirm account. A screenshot of the message is below:



The "Follow here" link in that message redirects to a non-Duke page that is a direct clone of the current WebMail/Email Web Access page one at duke might access. Unless one notices the actual URL in the address bar, it would appear legitimate. Please not this is an attack against Duke used to harvest login credentials. A screenshot of the page is below:



We ask that anyone who received that message, clicked the link, and provided NetID/password info to please contact the OIT Service Desk at 919.684.2200 immediately.