Recent Posts

Example 251: Fake University of Minnesota Login Pages

Fake login pages are typically delivered as a link in a scam email, often with a notice like “you have a secure message” or “your account will be closed.” Scammers are trying to capture user ID and password combinatio
Read more of: Example 251: Fake University of Minnesota Login Pages

Example 250: Advisory: Google Services Abuse Advisory

According to
Read more of: Example 250: Advisory: Google Services Abuse Advisory

Example 249: Scam Texts

Fake text from President Gabel
Scams take many forms, including SMS (text), as well as emails and telephone calls.
Read more of: Example 249: Scam Texts

Example 248: Fake payment receipts

We are currently seeing a high volume of payment and subscription scams.
Read more of: Example 248: Fake payment receipts

Example 247: Beware Fake Google Drive Invitations

Read more of: Example 247: Beware Fake Google Drive Invitations

Example 246: Fake copyright infringement notices

We have seen several of these submitted via the public-facing web forms of legitimate University businesses. In each case, the claim and the sending email were fraudulent.
Read more of: Example 246: Fake copyright infringement notices

Example 245: Scam notice of your email being held

Fake UMN-branded login pop-up
This example shows the scammers attempting to personalize the message and make it more believable by including the recipient’s Internet ID throughout the email.
Read more of: Example 245: Scam notice of your email being held

Example 244: “Trust” Sends Scam Form to Reinstate Email

Scam form asking for UMN user name and passcode
Scammers used a couple of common techniques in this example. 
Read more of: Example 244: “Trust” Sends Scam Form to Reinstate Email

Example 243: Ordinary Sloppy “Mailbox Storage Full” Scams

Screenshot of sloppy non-UMN login page titled Webmail
Less sophisticated, sloppy scammers still target the University community. Their emails are generally easier to recognize, even from the text of the email.
Read more of: Example 243: Ordinary Sloppy “Mailbox Storage Full” Scams

Example 242: Pending Mails

Example of scam email about pending mails - the text of this image is also in the content
Email scams play on human emotions such as curiosity, greed, or fear.
Read more of: Example 242: Pending Mails

Example 241: Fake UMN Google Login Pop-ups

Fake UMN Google login pop-up window
Email scams are the primary way that cyber attackers infiltrate organizations.
Read more of: Example 241: Fake UMN Google Login Pop-ups

Example 240: Fake UMN Login Pages Are Back!

Screenshot of fake UMN login page calling out aws URL and with FAKE across it in red
Scams involving fake login pages practically disappeared after the University implemented Duo 
Read more of: Example 240: Fake UMN Login Pages Are Back!

Example 239: Are you available? Business Email Exploit/Compromise

Screenshot of scam email with subject Available?
Business email exploits are a social engineering scam we see every day at the University.
Read more of: Example 239: Are you available? Business Email Exploit/Compromise

Example 238: Retirement Scam for University Personnel

Small child in vivid yellow skirt grasps her grandparent's forearm. Photo credit @immo_cb on Instagram
Planning for retirement can be complex and emotional, and many people seek guidance and assurance that they are doing it “right”.
Read more of: Example 238: Retirement Scam for University Personnel

Example 237: Student job for you! $400 per week!

Mysterious detective figure with the words scam alert
Scams offering student employment are common at the University of Minnesota. Recently, there’s been a significant increase in the number of scams that are being attempted and the volume of recipients.
Read more of: Example 237: Student job for you! $400 per week!

Example 235: Expiration Notice

A screenshot of the phishing landing page for Canvas
Phishing targeted at Canvas users This phishing scam was sent to a short list of UMN individuals with the subject “Expiration Notice”. 
Read more of: Example 235: Expiration Notice

Example 234: Payroll Schedule

Fake University of Minnesota login page with notes
This phishing scam was sent to a public UMN Google Group with the subject 'Payroll Schedule'. A version of the message is included below.
Read more of: Example 234: Payroll Schedule

Defending Against COVID-19 Cyber Scams

The Cybersecurity and Infrastructure Security Agency (CISA) released the following notice on March 6, 2020
Read more of: Defending Against COVID-19 Cyber Scams

Advisory: Holiday Shopping, Phishing, and Malware Scams

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users to be aware of potential holiday scams.
Read more of: Advisory: Holiday Shopping, Phishing, and Malware Scams

Example 233: Tutor Needed

Members of the University community have received a fake job offer email aimed at financial fraud.
Read more of: Example 233: Tutor Needed

Report Phishing

If you receive a phishing scam to your University email address, forward it to us at [email protected], and include complete headers(Note: If you have difficulty forwarding a phishing message, send a summary of the email, including the sender and subject to [email protected].)

We will:

  • Block the return email addresses
  • Notify a website's administrators if a website is used to collect replies
  • Block access from the U network to the website
  • Notify other schools
  • Tune our rules that flag email as spam

What's Your Email Worth?

illustration of the data about you that can access through a hacked email account

Brian Krebs recently provided a sobering analysis of "The Value of a Hacked Email Account." Please share this with anyone who needs to be reminded that they shouldn't share their password with anyone!