Recent Posts

Example 246: Fake copyright infringement notices

We have seen several of these submitted via the public-facing web forms of legitimate University businesses. In each case, the claim and the sending email were fraudulent.
Read more of: Example 246: Fake copyright infringement notices

Example 245: Scam notice of your email being held

Fake UMN-branded login pop-up
This example shows the scammers attempting to personalize the message and make it more believable by including the recipient’s Internet ID throughout the email.
Read more of: Example 245: Scam notice of your email being held

Example 244: “Trust” Sends Scam Form to Reinstate Email

Scam form asking for UMN user name and passcode
Scammers used a couple of common techniques in this example. 
Read more of: Example 244: “Trust” Sends Scam Form to Reinstate Email

Example 243: Ordinary Sloppy “Mailbox Storage Full” Scams

Screenshot of sloppy non-UMN login page titled Webmail
Less sophisticated, sloppy scammers still target the University community. Their emails are generally easier to recognize, even from the text of the email.
Read more of: Example 243: Ordinary Sloppy “Mailbox Storage Full” Scams

Example 242: Pending Mails

Example of scam email about pending mails - the text of this image is also in the content
Email scams play on human emotions such as curiosity, greed, or fear.
Read more of: Example 242: Pending Mails

Example 241: Fake UMN Google Login Pop-ups

Fake UMN Google login pop-up window
Email scams are the primary way that cyber attackers infiltrate organizations.
Read more of: Example 241: Fake UMN Google Login Pop-ups

Example 240: Fake UMN Login Pages Are Back!

Screenshot of fake UMN login page calling out aws URL and with FAKE across it in red
Scams involving fake login pages practically disappeared after the University implemented Duo 
Read more of: Example 240: Fake UMN Login Pages Are Back!

Example 239: Are you available? Business Email Exploit/Compromise

Screenshot of scam email with subject Available?
Business email exploits are a social engineering scam we see every day at the University.
Read more of: Example 239: Are you available? Business Email Exploit/Compromise

Example 238: Retirement Scam for University Personnel

Small child in vivid yellow skirt grasps her grandparent's forearm. Photo credit @immo_cb on Instagram
Planning for retirement can be complex and emotional, and many people seek guidance and assurance that they are doing it “right”.
Read more of: Example 238: Retirement Scam for University Personnel

Example 237: Student job for you! $400 per week!

Mysterious detective figure with the words scam alert
Scams offering student employment are common at the University of Minnesota. Recently, there’s been a significant increase in the number of scams that are being attempted and the volume of recipients.
Read more of: Example 237: Student job for you! $400 per week!

Example 236: Notice of personal information processing (Article Archived)

Article Archived
Read more of: Example 236: Notice of personal information processing (Article Archived)

Example 235: Expiration Notice

A screenshot of the phishing landing page for Canvas
Phishing targeted at Canvas users This phishing scam was sent to a short list of UMN individuals with the subject “Expiration Notice”. 
Read more of: Example 235: Expiration Notice

Example 234: Payroll Schedule

Fake University of Minnesota login page with notes
This phishing scam was sent to a public UMN Google Group with the subject 'Payroll Schedule'. A version of the message is included below.
Read more of: Example 234: Payroll Schedule

Defending Against COVID-19 Cyber Scams

The Cybersecurity and Infrastructure Security Agency (CISA) released the following notice on March 6, 2020,
Read more of: Defending Against COVID-19 Cyber Scams

Advisory: Holiday Shopping, Phishing, and Malware Scams

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users to be aware of potential holiday scams.
Read more of: Advisory: Holiday Shopping, Phishing, and Malware Scams

Example 233: Tutor Needed

Members of the University community have received a fake job offer email aimed at financial fraud.
Read more of: Example 233: Tutor Needed

Advisory: FBI Releases Article on Defending Against Phishing and Spearphishing Attacks

In recognition of National Cybersecurity Awareness Month (NCSAM), the Federal Bureau of Investigation (FBI) has released an article to raise awareness of phishing and spearphishing. The article provides guidance on recognizing and avoiding these types of attacks.
Read more of: Advisory: FBI Releases Article on Defending Against Phishing and Spearphishing Attacks

Example 231: Voice Message from ....

A compromised University account was used to send a fake voicemail message aimed at stealing accounts.
Read more of: Example 231: Voice Message from ....

Advisory: Who Was that Masked Emailer?

Adept email scammers fake the "From" address in emails to look like a real sender.
Read more of: Advisory: Who Was that Masked Emailer?

Report Phishing

If you receive a phishing scam to your University email address, forward it to us at [email protected], and include complete headers(Note: If you have difficulty forwarding a phishing message, send a summary of the email, including the sender and subject to [email protected].)

We will:

  • Block the return email addresses
  • Notify a website's administrators if a website is used to collect replies
  • Block access from the U network to the website
  • Notify other schools
  • Tune our rules that flag email as spam

What's Your Email Worth?

illustration of the data about you that can access through a hacked email account

Brian Krebs recently provided a sobering analysis of "The Value of a Hacked Email Account." Please share this with anyone who needs to be reminded that they shouldn't share their password with anyone!

Previous Phishing Examples

View examples of phishing scams targeting the U from 2012-2018 at phishing.it.umn.edu.