Secure U
577 gradient

Phishing Scams Targeting the University

See the latest information security alerts and examples of phishing scams sent to University email accounts.

Recent Posts

Example 226: Schedule Message !

April 5, 2019 - 4:00pm

By Joel Anderson

Bogus login page hosted on an Australian website

Forged UMN sign-in page created to steal login ID/password

Message content: 

From: support AT umn.edu  
Date: Fri, Apr 5, 2019 at 2:39 PM
Subject: Schedule Message !
To:  


You have a new rnessage!

Click here to read <httpx ://xxxxx.xxxxx.au/umn.edu>

2019 Regents of the University of Minnesota.

Login Form

Read more of Example 226: Schedule Message !.

Test your phishing know-how!

March 18, 2019 - 2:15pm

By Joel Anderson

Can you spot when you're being phished?

Using security trainings the Google subsidiary Jigsaw has held with nearly 10,000 journalists, activists, and political leaders around the world from Ukraine to Syria to Ecuador, Google has published an interactive quiz to help you sharpen your skills at identifying (AND AVOIDING!) phishy emails. Give it a try and see what you think! https://phishingquiz.withgoogle.com/

Read more of Test your phishing know-how!.

Advisory: New Zealand Tragedy-Related Scams and Malware Campaigns

March 18, 2019 - 10:30am

By Joel Anderson

In the wake of the recent New Zealand mosque shootings, the Cybersecurity and Infrastructure Security Agency (CISA) advises users to watch out for possible malicious cyber activity seeking to capitalize on this tragic event. Users should exercise caution in handling emails related to the shootings, even if they appear to originate from trusted sources. Fraudulent emails often contain links or attachments that direct users to phishing or malware-infected websites. Emails requesting donations from duplicitous charitable organizations are also common after tragic events.

Read more of Advisory: New Zealand Tragedy-Related Scams and Malware Campaigns.

Advisory: Internet Romance Scams

February 12, 2019 - 2:15pm

By Joel Anderson


The Federal Trade Commission (FTC) has released an article addressing a rise in reports of internet romance scams. In this type of fraud, cyber criminals gain the confidence of their victims and trick them into sending money. Use caution when online dating, and never send money or gifts to someone you have not met in person.

Read more of Advisory: Internet Romance Scams.

Advisory: Hackers Targeted Universities

February 4, 2019 - 4:30pm

By Joel Anderson

From the FBI - a case study in phishing directed at a University's resources: Two men who were citizens of Nigeria, living in Malaysia, and conducting their crimes from behind computers likely...

Read more of Advisory: Hackers Targeted Universities.

Pages

Report Phishing

If you receive a phishing scam to your University email address, forward it to us at phishing@umn.edu, and include complete headers. (Note: If you have difficulty forwarding a phishing message, send a summary of the email, including the sender and subject to phishing@umn.edu.)

We will:

  • Block the return email addresses
  • Notify a website's administrators if a website is used to collect replies
  • Block access from the U network to the website
  • Notify other schools
  • Tune our rules that flag email as spam

What's Your Email Worth?

illustration of the data about you that can access through a hacked email account

Brian Krebs recently provided a sobering analysis of "The Value of a Hacked Email Account." Please share this with anyone who needs to be reminded that they shouldn't share their password with anyone!

Previous Phishing Examples

View examples of phishing scams targeting the U from 2012-2018 at phishing.it.umn.edu.

Archive

Pages

If you have a technology question, contact Technology Help. If you have feedback about this webpage, please share it below.

Additional Resources

Recognize and Report Email Scams
Practice Safe Computing
University Information Security