A rather clever phishing email is showing up in inboxes around campus. Take a look.

 

 

This one is so very clever as the links on the bottom are legitimate. They take you to Mailchimp’s contact info, terms of use and privacy policy. Where things get interesting is if you click on the other links. They all take you to a Google site masquerading as a Mailchimp login page.  A lot of work went into this one.  It is so close to the real thing that only the sender’s email address and hovering over all the links gives you any clue there is something amiss.  The email itself is perfect.

This is quite admirable really, if you forget that they are trying to steal your Mailchimp credentials  and your information that Mailchimp has on file.  When the emails are this good it is hard know whether they are legitimate or not. The best way to deal with them is to visit the organization’s website using a bookmark or search result and check your account information that way.

Kudos to the employee who identified this bad boy and forwarded it to abuse@mtroyal.ca.   If you find a nasty like this sitting in your inbox, do what your colleague did and forward it to us. We will send you a super cool sticker and give you the title of cybersecurity superhero in return.