Recent Posts

Example 236: Notice of personal information processing (ZoomInfo Spam)

Screenshot of spam email from Zoominfo Notification
Marketing spam from ZoomInfo
Read more of: Example 236: Notice of personal information processing (ZoomInfo Spam)

Example 235: Expiration Notice

A screenshot of the phishing landing page for Canvas
Phishing targeted at Canvas users This phishing scam was sent to a short list of UMN individuals with the subject “Expiration Notice”. 
Read more of: Example 235: Expiration Notice

Example 234: Payroll Schedule

Fake University of Minnesota login page with notes
This phishing scam was sent to a public UMN Google Group with the subject 'Payroll Schedule'. A version of the message is included below.
Read more of: Example 234: Payroll Schedule

Defending Against COVID-19 Cyber Scams

The Cybersecurity and Infrastructure Security Agency (CISA) released the following notice on March 6, 2020,
Read more of: Defending Against COVID-19 Cyber Scams

Advisory: Holiday Shopping, Phishing, and Malware Scams

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users to be aware of potential holiday scams.
Read more of: Advisory: Holiday Shopping, Phishing, and Malware Scams

Example 233: Tutor Needed

Members of the University community have received a fake job offer email aimed at financial fraud.
Read more of: Example 233: Tutor Needed

Advisory: FBI Releases Article on Defending Against Phishing and Spearphishing Attacks

In recognition of National Cybersecurity Awareness Month (NCSAM), the Federal Bureau of Investigation (FBI) has released an article to raise awareness of phishing and spearphishing. The article provides guidance on recognizing and avoiding these types of attacks.
Read more of: Advisory: FBI Releases Article on Defending Against Phishing and Spearphishing Attacks

Example 231: Voice Message from ....

A compromised University account was used to send a fake voicemail message aimed at stealing accounts.
Read more of: Example 231: Voice Message from ....

Advisory: Who Was that Masked Emailer?

Adept email scammers fake the "From" address in emails to look like a real sender.
Read more of: Advisory: Who Was that Masked Emailer?

Report Phishing

If you receive a phishing scam to your University email address, forward it to us at [email protected], and include complete headers(Note: If you have difficulty forwarding a phishing message, send a summary of the email, including the sender and subject to [email protected].)

We will:

  • Block the return email addresses
  • Notify a website's administrators if a website is used to collect replies
  • Block access from the U network to the website
  • Notify other schools
  • Tune our rules that flag email as spam

What's Your Email Worth?

illustration of the data about you that can access through a hacked email account

Brian Krebs recently provided a sobering analysis of "The Value of a Hacked Email Account." Please share this with anyone who needs to be reminded that they shouldn't share their password with anyone!

Previous Phishing Examples

View examples of phishing scams targeting the U from 2012-2018 at phishing.it.umn.edu.