Phishing facts and common schemes


In today’s world, IT staff are not the only ones who need to be aware of cybersecurity. Digital security, safety, and privacy are all things that everyone needs to understand in order to protect important personal or institutional information.

A common way that cybersecurity is compromised is through email scams, otherwise known as phishing.

Phishing is a method cyber criminals frequently use to trick you into visiting a fraudulent website, opening an infected document, or responding to or forwarding an email message, in order to gain access to your accounts or your information. Higher education institutions are popular targets for these scams due to their large size, open networks, and diverse populations.

Scam attempts reported to University Information Security by year

Year    Scam attempts reported
2013    345
2014    228
2015    264
2016    434
2017    231
2018    174

What are some common types of phishing scams?

There are some types of scams that are repeated over and over with variations to try to get an unsuspecting recipient to click a link, enter a password, or unknowingly share information. The following are some basic “hooks” for phishing scams:

Someone @gmail.com shared a document with you!

  • This scam may have an attachment or link to a false login page designed to steal your ID and password.

Are you available? Let me know when you are available. There is something I need you to do.

  • This scam is crafted to look like a targeted request from a manager to purchase gift cards and send them to the scammer.

Jobs, Jobs, Jobs! Internships Available

  • A scam aimed at students who are seeking a job, sometimes targeted to international students, asking them to purchase items that they will be paid for.

Help the victims!

  • This is a fraudulent email scam that commonly appears after major natural disasters and often contains links or attachments that direct users to malicious websites that are mocked up to look like donation pages.

Mailbox storage exceeded limit! Email expiring!

  • These scams contain links to fake login pages intended to steal IDs and passwords. They stress a time limit to try to get users to take immediate action. Similar scams may be a "warning" about other University resources being limited (e.g., library access being suspended).

Invoice attached

  • This may be a wire fraud attempt. Often this includes a poisoned 'invoice' document intended to compromise your computer if you open the invoice.

Note: These are not the exact subject lines, which tend to vary from scam to scam, but are general types of scams that are seen fairly consistently.

What to do if you receive a phishy-looking message?

If you think you have received a phishing message to your University account, take these 3 quick and easy steps:

  1. Do not engage with the message (such as replying, opening attachments, or clicking on links).  

  2. Forward the email in its entirety to [email protected].

  3. Mark the message as spam in Gmail (this will help block this type of message from being delivered to other people at the University and help educate Google’s spam filters), and delete it.

The University Information Security team receives these messages, responds accordingly, and routinely tracks and reports on recent phishing attempts targeting the University on its phishing blog. The blog is a great resource to check if you think you have received a phishing email to your University account.

From your reports of phishing, which may be the first they have seen of it, University Information Security will quarantine further email from the sender, block fake login pages, follow up with affected recipients, and/or notify the University community of potentially widespread or harmful scams.