Agreed.  It is one of the best examples I’ve ever seen.  It does still have some inconsistencies, though.  And, of course, we can always examine the headers for it’s true point of origin.

In my department (RHS Information Services), we’ve been following up on these attempts with division-wide security alerts showing the message (appropriately sanitized) and educating our users how to spot it and messages like it.  So far, it’s been working well.  We’re starting to get notified of these messages by our user base before we receive/see the message.

Please let your users know that a very authentic looking phish has gone out to a large number of MSU mail accounts. appropriate measures are being taken, however until the form is disabled by the vendor (Google) it will remain possible for users to compromise their credentials if they are taken in by this scam.

The phish appears to come from an official MSU email source, etc. and includes the following  header AND a typical "rights reserved" footer. (I removed the actual form link).

Phish messages don't get a lot better than this!! 

Leo Sell
Academic Technology Help Desk
517-432-6200

-------- Original Message --------

  *********************************************************************************

This E-mail is confidential and privileged. If you are not the intended 

Recipient please accept our apologies; Please do not Disclose, Copy or 

Distribute Information in this E-mail or take any action in Reliance on 

its contents: to do so is strictly prohibited and may be Unlawful. Please 

inform us that this Message has gone astray before deleting it. Thank you 

for your Co- operation. Copyright© MSU 2011. All Rights are reserved.

*********************************************************************************