Recent Posts

Example 248: Fake payment receipts

We are currently seeing a high volume of payment and subscription scams.

Example 247: Beware Fake Google Drive Invitations

In this example, scammers utilize Google Drive's collaboration feature and send push notifications from Google itself to deliver malicious content.

Example 246: Fake copyright infringement notices

We have seen several of these submitted via the public-facing web forms of legitimate University businesses. In each case, the claim and the sending email were fraudulent.

Example 245: Scam notice of your email being held

This example shows the scammers attempting to personalize the message and make it more believable by including the recipient’s Internet ID throughout the email.

Example 244: “Trust” Sends Scam Form to Reinstate Email

Scammers used a couple of common techniques in this example. 

Example 243: Ordinary Sloppy “Mailbox Storage Full” Scams

Less sophisticated, sloppy scammers still target the University community. Their emails are generally easier to recognize, even from the text of the email.

Example 242: Pending Mails

Email scams play on human emotions such as curiosity, greed, or fear.

Example 241: Fake UMN Google Login Pop-ups

Email scams are the primary way that cyber attackers infiltrate organizations.

Example 240: Fake UMN Login Pages Are Back!

Scams involving fake login pages practically disappeared after the University implemented Duo 

Example 239: Are you available? Business Email Exploit/Compromise

Business email exploits are a social engineering scam we see every day at the University.

Example 238: Retirement Scam for University Personnel

Planning for retirement can be complex and emotional, and many people seek guidance and assurance that they are doing it “right”.

Example 237: Student job for you! $400 per week!

Scams offering student employment are common at the University of Minnesota. Recently, there’s been a significant increase in the number of scams that are being attempted and the volume of recipients.

Example 235: Expiration Notice

Phishing targeted at Canvas users This phishing scam was sent to a short list of UMN individuals with the subject “Expiration Notice”. 

Example 234: Payroll Schedule

This phishing scam was sent to a public UMN Google Group with the subject 'Payroll Schedule'. A version of the message is included below.

Defending Against COVID-19 Cyber Scams

The Cybersecurity and Infrastructure Security Agency (CISA) released the following notice on March 6, 2020,

Advisory: Holiday Shopping, Phishing, and Malware Scams

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users to be aware of potential holiday scams.

Example 233: Tutor Needed

Members of the University community have received a fake job offer email aimed at financial fraud.

Advisory: FBI Releases Article on Defending Against Phishing and Spearphishing Attacks

In recognition of National Cybersecurity Awareness Month (NCSAM), the Federal Bureau of Investigation (FBI) has released an article to raise awareness of phishing and spearphishing. The article provides guidance on recognizing and avoiding these types of attacks.

Example 231: Voice Message from ....

A compromised University account was used to send a fake voicemail message aimed at stealing accounts.