Phishing Attack "You Have One New Message from webmail.duke.edu" (Oct 31, 2013)

We're receiving multiple reports of a new phishing attack purporting to be a notification from WebMail about a new message. See a version of the message below:

 

 

The "VIEW MESSAGE" hyperlink redirects to a non-Duke hosted page that clones our WebMail login page (please be advised, this is not Duke's WebMail Sign-on page -- noticed the URL in the browser):

 

 

We ask that anyone who received the message, clicked the link, and provided login credentials please notify the OIT Service Desk immediately at 919.684.2200