This is a common form of security attack called a phishing or spear phishing scam.
Groups attempting to steal personal information will often use e-mails that appear to originate from a trusted source to try and trick a user into entering valid credentials at a fake website. Typically the e-mail and the web site look like they are part of a bank or some other organization the user is doing business with.
For example, it could be a phishing email if...
- There are misspelled words in the e-mail or it contains poor grammar.
- The message is asking for personally identifiable information, such as credit card numbers, account numbers, passwords, PINs or Social Security Numbers.
- There are "threats" or alarming statements that create a sense of urgency. For example: "Your account will be locked until we hear from you" or "We have noticed activity on your account from a foreign IP address."
- The domain name in the message isn't the one you're used to seeing. It's usually close to the real domain name but not exact. For example:
- Phishing website: www.regionsbanking.com
- Real website: www.regions.com
If you receive an email like this and you think it may be fraudulent, please report it immediately to the T&C Helpdesk at X8552, email@example.com, or firstname.lastname@example.org. Our technicians will assist you and instruct you on how to effectively remove it.
Please remember... nobody from T&C will ever ask you for any personal information, including your password!