Well-constructed MyWashburn phishing e-mail

Overnight a number of people received a well-constructed phishing e-mail that went to an exact replica of MyWashburn (http://my.washburn.edu).  It would have looked something like the screenshot below.  If you clicked this link and entered your username and password on the following page, please contact support@washburn.edu so we can take actions to remediate the issue.

phishmail

In order to discern this as phishing, there are a few indicators:

1) The FROM address is not a washburn.edu account:
phishfrom

2) If you hover your cursor over the link, you can see it does not go to a Washburn website:

phishlink

3) The website that link directs you to does not have a washburn.edu address:

phishsite

If you missed those indicators, it was very easy to miss the fact that this is not in fact a Washburn e-mail or website.

For more on identifying phishing e-mails, see these prior blog posts:Direct Deposit targeted via phishing emails:
http://blog.washburn.edu/technology/2014/08/19/direct-deposit-information-targeted-in-online-theft-schemes/

Watch out for Phishing e-mails:
http://blog.washburn.edu/technology/2013/08/27/watch-out-for-phishing-e-mails/

Anatomy of a Phish:
http://blog.washburn.edu/technology/2012/10/02/cyber-security-awareness-anatomy-of-a-phish/