Phishing | IT@UMN | The people behind the technology

Recent Posts

Example 239: Are you available? Business Email Exploit/Compromise

November 20, 2020

Screenshot of scam email with subject Available?

Business email exploits are a social engineering scam we see every day at the University.

Example 238: Retirement Scam for University Personnel

August 10, 2020

Small child in vivid yellow skirt grasps her grandparent's forearm. Photo credit @immo_cb on Instagram

Planning for retirement can be complex and emotional, and many people seek guidance and assurance that they are doing it “right”.

Example 237: Student job for you! $400 per week!

June 25, 2020

Mysterious detective figure with the words scam alert

Scams offering student employment are common at the University of Minnesota. Recently, there’s been a significant increase in the number of scams that are being attempted and the volume of recipients.

Example 236: Notice of personal information processing (Article Archived)

May 20, 2020

Article Archived

Example 235: Expiration Notice

April 20, 2020

A screenshot of the phishing landing page for Canvas

Phishing targeted at Canvas users This phishing scam was sent to a short list of UMN individuals with the subject “Expiration Notice”.

Read more of: Example 235: Expiration Notice

Example 234: Payroll Schedule

March 28, 2020

Fake University of Minnesota login page with notes

This phishing scam was sent to a public UMN Google Group with the subject 'Payroll Schedule'. A version of the message is included below.

Read more of: Example 234: Payroll Schedule

Defending Against COVID-19 Cyber Scams

March 6, 2020

The Cybersecurity and Infrastructure Security Agency (CISA) released the following notice on March 6, 2020,

Advisory: Holiday Shopping, Phishing, and Malware Scams

November 8, 2019

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users to be aware of potential holiday scams.

Example 233: Tutor Needed

October 14, 2019

Members of the University community have received a fake job offer email aimed at financial fraud.

Advisory: FBI Releases Article on Defending Against Phishing and Spearphishing Attacks

October 10, 2019

In recognition of National Cybersecurity Awareness Month (NCSAM), the Federal Bureau of Investigation (FBI) has released an article to raise awareness of phishing and spearphishing. The article provides guidance on recognizing and avoiding these types of attacks.

Example 231: Voice Message from ....

August 24, 2019

A compromised University account was used to send a fake voicemail message aimed at stealing accounts.

Advisory: Who Was that Masked Emailer?

August 21, 2019

Adept email scammers fake the "From" address in emails to look like a real sender.

Report Phishing

If you receive a phishing scam to your University email address, forward it to us at [email protected], and include complete headers. (Note: If you have difficulty forwarding a phishing message, send a summary of the email, including the sender and subject to [email protected].)

We will:

Block the return email addresses
Notify a website's administrators if a website is used to collect replies
Block access from the U network to the website
Notify other schools
Tune our rules that flag email as spam

What's Your Email Worth?

illustration of the data about you that can access through a hacked email account

Brian Krebs recently provided a sobering analysis of "The Value of a Hacked Email Account." Please share this with anyone who needs to be reminded that they shouldn't share their password with anyone!

Previous Phishing Examples

View examples of phishing scams targeting the U from 2012-2018 at phishing.it.umn.edu.