Secure U
577 gradient

Phishing Scams Targeting the University

See the latest information security alerts and examples of phishing scams sent to University email accounts.

Recent Posts

Advisory: WHO was that masked emailer??!

August 21, 2019 - 3:15pm

By Joel Anderson

Adept email scammers fake the "From:" address to look like a real sender.

Masking the sender, emails might look like they came from a legitimate sender 

Read more of Advisory: WHO was that masked emailer??!.

Advisory: Even TARGET knows the Boss doesn't need you to buy gift cards!

June 27, 2019 - 2:00pm

By Joel Anderson

Warning posted in Target stores with the growth of "the boss needs gift cards" scams.

As we've noted (https://it.umn.edu/phishing-scams-targeting-university/advisory-guess-what-your-boss-really) there has been tremendous growth in forged scam emails impersonating important people (department heads, professors, and more) asking people to buy gift cards.

This has gotten so prevalent, that Target has posted signs at the  self-checkout terminals:

Read more of Advisory: Even TARGET knows the Boss doesn't need you to buy gift cards!.

Example 230: Fake Handshake Job Offer

June 10, 2019 - 1:15pm

By Joel Anderson

Fake job offers sent from multiple compromised student accounts:

THINGS TO NOTE

Read more of Example 230: Fake Handshake Job Offer.

Example 229: Financial Aid On Hold - Action Required / Summer 2019 waitlist

June 6, 2019 - 12:00pm

By Joel Anderson

Two related phishing scams sent from a compromised account pointed at a fake MyU login page.

Message Text #1

Read more of Example 229: Financial Aid On Hold - Action Required / Summer 2019 waitlist.

Advisory: Guess what? Your boss REALLY doesn't need you to buy gift cards!

May 6, 2019 - 12:15pm

By Joel Anderson

Guess what? Your boss really doesn't need you to buy gift cards!

Lately we've seen growth in a scam that takes advantage of the public nature of our University.
Because we are a public institution, it isn't very hard for anyone to find names of leaders - that is, managers, professors and other people of authority. And it's also relatively easy to find names of people who might report to them.

What does that mean to you? 

Read more of Advisory: Guess what? Your boss REALLY doesn't need you to buy gift cards!.

Pages

Report Phishing

If you receive a phishing scam to your University email address, forward it to us at phishing@umn.edu, and include complete headers. (Note: If you have difficulty forwarding a phishing message, send a summary of the email, including the sender and subject to phishing@umn.edu.)

We will:

  • Block the return email addresses
  • Notify a website's administrators if a website is used to collect replies
  • Block access from the U network to the website
  • Notify other schools
  • Tune our rules that flag email as spam

What's Your Email Worth?

illustration of the data about you that can access through a hacked email account

Brian Krebs recently provided a sobering analysis of "The Value of a Hacked Email Account." Please share this with anyone who needs to be reminded that they shouldn't share their password with anyone!

Previous Phishing Examples

View examples of phishing scams targeting the U from 2012-2018 at phishing.it.umn.edu.

Archive

Pages

If you have a technology question, contact Technology Help. If you have feedback about this webpage, please share it below.

Additional Resources

Recognize and Report Email Scams
Practice Safe Computing
University Information Security