That is either the best spear-phish I’ve ever seen, or it’s legit. Is it just me, or is doing this a bad idea? I would never send out a “change your password now or you’ll be cut off!!!” email. We’ve spent over a decade trying to teach users not to believe “give me your password, you dolt” phishes, and so for an IT unit to do this “legitimately” reverses a decade of effort for I think most of us here, and at other institutions World-wide. Of the decade+ I’ve personally spent answering these “are you a slow-learner?” emails, I’ve decided exactly zero were legit. Imagine if the IRS even once sent out an email around tax time. The fraud would be off the charts and it would take years to undo the damage. Many institutions have a, “we’ll never do this, so don’t believe the phishes” statement on their site. Please reference the first sentence from the IRS link, and the sentence in red on page at techbase.msu.edu. http://www.irs.gov/privacy/article/0,,id=186436,00.html http://techbase.msu.edu/article.asp?id=4194 I’ll personally request that any U. units doing this, please, please reconsider. Surely there is an alternative practice which will fit your needs. Brian Hoort From: John Valenti [mailto:[log in to unmask]] Sent: Monday, April 12, 2010 3:37 PM To: [log in to unmask] Subject: [MSUNAG] Fwd: size="+1">SUBJECT: Important: Password Expiration Notification - uadv.msu.edu hi NAG'ers, I'm trying to decide if this is spearphishing, or legitimate. It has at least two tags tending toward malware: 1) subject line is messed up with "size="+1" 2) link to SOS Group is numeric IP address (but on campus) I'm guessing it is legitimate, but pretty confusing. What is "Spartan Way"? A search says that it is a street name, but how can someone be in a street? thanks for any leads -John PS - sorry to forward this to the group, but my people send me about five of these per week, and I can usually decide within 30 seconds. Four out of the last four have been scams. Begin forwarded message: From: ...... Date: April 12, 2010 2:10:04 PM EDT To: "'John Valenti'" <[log in to unmask]> Subject: FW: size="+1">SUBJECT: Important: Password Expiration Notification - uadv.msu.edu Hi John, Is this a scam? Mary From: [log in to unmask] [mailto:[log in to unmask]] Sent: Monday, April 12, 2010 8:00 AM To: [log in to unmask] Subject: size="+1">SUBJECT: Important: Password Expiration Notification - uadv.msu.edu Hi Mary, Your password for account "meyerma8" expires in 0 day(s). Please change the password as soon as possible to prevent further logon problems. Trouble viewing this email? Click this link If your password has expired or you want to change it are you inside or outside Spartan Way? ++++++++++++++++++++++++++++++++++++++++++++++ Users in Spartan Way ++++++++++++++++++++++++++++++++++++++++++++++ Once you are logged in Hold down Ctrl - Alt - Delete on the keyboard and left click 'Change Password' ++++++++++++++++++++++++++++++++++++++++++++++ Users outside Spartan Way ++++++++++++++++++++++++++++++++++++++++++++++ Login to the UA VPN at https://gate.uadv.msu.edu Click the 'Preferences' button Click the 'General' Tab Type in your old password, then type in the new password and re type the new password. Make sure the New Password and Confirm Password match. Password requirements are: Minimum 10 characters Must contain 3 out of 4 -one CAP letter, one lower case letter, one NUMBER and one SPECIAL CHARACTER You will need to change your password on your mobile phone too. Check below for instructions. Instructions to setup first time or change password for Iphone are here Instructions to setup first time or change password for Windows Mobile Phone are here Thank you! SOS Group ---------------------------------------------------------------------------- ------------------- This is an automatically generated message (uas16.uadv.msu.edu) from University Advancement Systems Group. Type in your old password and type in the new password and re type the new password. Make sure the New Password and Confirm Password match. Password requirements are: Minimum 10 characters Must contain 3 out of 4 -one CAP letter, one lower case letter, one NUMBER and one SPECIAL CHARACTER Thank you! SOS Group ---------------- This is an automatically generated message (uas16.uadv.msu.edu) from University Advancement Systems Group.