Upon clicking the "View File" link, the user is brought to a malicious login page where the username and password entered is harvested and used to gain unauthorized access to the user's account. The malicious login page is as follows:
ITS would like to remind users to be mindful of unsolicited messages and where you are entering your username/password. While many phishing sites like the one above increasingly look legitimate, there are tell-tale signs that the site is not legitimate. More information about phishing attacks and how to avoid them can be found at ITSblog: http://itsblog.manhattan.edu/search/label/phishing
