Phishing Attempt Claims Library Account Expired

[image of fishing hook]

Doug Smullens of the University Library reports that faculty members are receiving fraudulent emails warning that their Penn Library accounts have expired. The email is an attempt to obtain your password!


Here is Doug's letter:

We've received a report of a faculty member receiving an email similar to
the one below that suggests their Penn Library account has expired.  To
maintain the account, the user is encouraged to follow a convenient link in
the message.  The email is a pretty convincing fake.  It uses very
convincing language and has a plausible looking from address, link, and
signature.  The true link destination is masked in html email and is not a
real Penn URL, but is fairly close and hard to distinguish.  The page that
loads looks like a 403 error page.

ISC Security has been notified.   Library staff are aware this has happened
and will be able to help users with any questions.  As with most phishing
scams, the actual link included in the message would be the primary way to
see this is a fake.  In this case the domain:

was replaced with:

If you or your users have questions or concerns about electronic
communications that seem to come from the Library, please contact our
Helpdesk before following the included instructions.

Penn Libraries Helpdesk:
215 898 4824.


- Doug

Doug Smullens
IT Manager
University of Pennsylvania Libraries
215 746 2515



Dear User,

Your library account has expired, therefore you must reactivate it
immediately or it will be closed automatically. If you intend to use
this service in the future, you must take action at once!
To reactivate your account, simply visit the following page and login
wilth your library account.

Login Page:


Phone: 215-898-7555
University of Pennsylvania Libraries
3420 Walnut St., Philadelphia, PA 19104-6206