
This Was a Phish

Ohio State regularly runs phishing training exercises for the university community. By clicking the link that brought you to this page, you succumbed to a university phishing simulation. Read on to learn how to spot phishing messages and protect yourself and the university from malicious attacks.

Spotting the Phish

You received this email:

This screenshot shows a phishing email spoofing Apple that claims a PayPal invoice for an iPhone 17 Pro has been generated. It displays a warning banner about an external sender and lists transaction details, including a $1,099.99 charge and a specific invoice ID. The message prompts the recipient to "View Receipt Here" if they do not recognize the unauthorized purchase.

Sender Addresses: The sender address, apple@paypol-login.com, does not use a legitimate domain for the PayPal service and should raise red flags. The domain (everything after the @ symbol) is the first indication that this might be a phishing attack.

Suspicious Language: The email threatens recipients with a charge for a product they did not order. It also contains grammatical errors. Inspect emails carefully before acting on them.

When you click View Receipt Here, you are sent to a fake login page.

This image displays a mock-up of an Apple Store sign-in page, appearing as a landing site for a phishing attempt. It features a central "Sign in to Apple Store" header above an input field for an Apple ID and links for forgotten credentials. The page includes a standard Apple navigation bar at the top and a footer with legal disclaimers and a 2019 copyright notice.

Review the URL of the web page before engaging with it: When you clicked from the email, a website was loaded with a URL of https://order-history.paypol-login.com, which is not a legitimate site. Attempt to confirm the legitimacy of a site before you enter login credentials or personal information like name, email address or phone number.
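The sender-domain and URL checks described above can also be automated in a mail filter or triage script. The following Python is an added example, not part of the original page or of Ohio State's tooling; the allow-list, the one-edit threshold, the two-label domain shortcut and the constructed sample inputs are assumptions.

```python
import re
from urllib.parse import urlsplit

# Assumption: allow-list of domains treated as genuine for the brands in this email.
TRUSTED = {"paypal.com", "apple.com"}

def edit_distance(a, b):
    """Levenshtein distance, computed with a rolling row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def host_of(value):
    """Return the lower-cased host from an email address or a URL."""
    if "://" in value:
        return (urlsplit(value).hostname or "").lower()
    return value.rsplit("@", 1)[-1].strip().lower()

def registrable(host):
    # Simplification: last two labels. Production code should use the Public Suffix List.
    return ".".join(host.split(".")[-2:])

def classify(value, trusted=TRUSTED, max_dist=1):
    """Return 'trusted', 'lookalike' or 'unknown' for a sender address or URL."""
    host = host_of(value)
    if registrable(host) in trusted:
        return "trusted"
    brands = {d.split(".")[0] for d in trusted}
    for token in re.split(r"[.\-]", host):
        # A brand name (or a one-character variant) inside an untrusted host is a red flag.
        if token and any(edit_distance(token, b) <= max_dist for b in brands):
            return "lookalike"
    return "unknown"

if __name__ == "__main__":
    samples = [
        "apple@paypol-login.com",                  # sender address from this exercise
        "https://order-history.paypol-login.com",  # landing URL from this exercise
        "service@paypal.com",                      # constructed: genuine domain
        "https://paypal.com.billing.example/pay",  # constructed: brand used as a subdomain
        "newsletter@example.edu",                  # constructed: unrelated sender
    ]
    for s in samples:
        print(f"{classify(s):10} {s}")
```

A "lookalike" result is a signal for quarantine or manual review, and "unknown" only means no brand impersonation was detected, not that the sender is safe.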

 

Report Phishing Attempts

Image of the 'report suspicious' banner displayed at the top of every external email you receive. Click this banner to report suspected phish.

If you ever suspect an email to be a phishing attempt, please report it immediately by clicking the "Report Suspicious" button in the warning banner which appears at the top of that external email.