Search Google Appliance

Information Technology

Fresh Phishing Scams on Campus

How to spot phishing:

FRESH PHISH: February 23, 2018

  1. The sender claims to be "Umass Mail," but the actual address is not a trusted UMass email address.
  2. Phishing messages often include spelling and grammar errors or use informal language. For example, this message includes improper spacing such as the phrase "mffoley ley . ."
  3. The email asks the recipient to click a link with the title "SIGN IN HERE." The link addresses are not displayed.
    • Hover over links to check the urls for a trusted site before clicking! Hovering over this link shows that it does not lead to a trusted UMass website.
    • Do not enter personal information on untrusted websites. If you are unsure, please email itprotect@umass.edu.
  4. The fraudulent login page linked to by the email did not have a trusted UMass web address.

Note: Always verify the identity of the sender before opening any attachments or clicking any links.
If you have a phishing example or question, please email itprotect@umass.edu.

Phishing email example February 23rd 2018

Fake login page example feb 23 with non-umass web address


FRESH PHISH: February 21, 2018

  1. The sender is not a trusted UMass email address.
  2. The email asks the recipient to click a link with following the text "view this ticket's progress online" and a second to "login to your account." The link addresses are not displayed.
    • Hover over links to check the urls for a trusted site before clicking! Hovering over this link shows that it does not lead to a trusted UMass website.
    • Do not enter personal information on untrusted websites. If you are unsure, please email itprotect@umass.edu.
  3. The fraudulent login page linked to by the email did not have a trusted UMass web address.

Note: Always verify the identity of the sender before opening any attachments or clicking any links.
If you have a phishing example or question, please email itprotect@umass.edu.

Phishing email example February 21st 2018

Fake login page example feb 21 with non-umass web address


FRESH PHISH: February 21, 2018

  1. The sender claims to be "UMass Mail" but the actual address is not a trusted UMass email address.
  2. Phishing messages often create a false sense of urgency, to try to convince the recipient to react quickly without thinking. For example, this message claims to be of high importance. Some legitimate messages may include this label, but always remember to stop and think before acting.
  3. Phishing messages often include spelling and grammar errors or use informal language. For example, the message opens with "Hi," with no punctuation.
  4. The email asks the recipient to click a link with following the text "SIGN IN HERE." The link address is not displayed.
    • Hover over links to check the urls for a trusted site before clicking! Hovering over this link shows that it does not lead to a trusted UMass website.
    • Do not enter personal information on untrusted websites. If you are unsure, please email itprotect@umass.edu.

Note: Always verify the identity of the sender before opening any attachments or clicking any links.
If you have a phishing example or question, please email itprotect@umass.edu.

Phishing email example February 21st 2018


FRESH PHISH: February 14, 2018

  1. The sender claims to be "UMass Amhers," but the actual address <mrobin495@yahoo.com> is not a trusted UMass email address.
  2. The email asks the recipient to click a link with following the text "Verify Your Account Now." Though the link appears to be displayed, the text in the message is different from the address that the link directs to!
    • Hover over links to check the urls for a trusted site before clicking! Hovering over this link shows that it does not lead to a trusted UMass website.
    • Do not enter personal information on untrusted websites. If you are unsure, please email itprotect@umass.edu.
  3. Phishing messages often create a false sense of urgency. For example, this message includes language like "...email account will be treated as inactive and deleted!" to try to convince the recipient to act quickly without thinking.
  4. Phishing messages often include spelling and grammar errors. For example, this message frequently refers to itself as "UMassAmhers."

Note: Always verify the identity of the sender before opening any attachments or clicking any links.
If you have a phishing example or question, please email itprotect@umass.edu.

Phishing email example February 14th 2018


FRESH PHISH: February 6, 2018

  1. The sender claims to be UMass Amherst, but the actual address <allan.banning@cosmotemail.gr> is not a trusted UMass email address.
  2. Phishing messages often include spelling and grammar errors. For example, this message includes weird phrases like "you are advice."
  3. The email asks the recipient to click a link with the text "Click here to verify" The link address is not displayed.
    • Hover over links to check the urls for a trusted site before clicking! Hovering over this link shows that it does not lead to a trusted UMass website.
    • Do not enter personal information on untrusted websites. If you are unsure, please email itprotect@umass.edu.
  4. Phishing messages often create a false sense of urgency. For example, this message includes language like "services will permanently be disabled" to try to convince the recipient to act quickly without thinking.

Note: Always verify the identity of the sender before opening any attachments or clicking any links.
If you have a phishing example or question, please email itprotect@umass.edu.

Phishing email example February 6th 2018


FRESH PHISH: January 31, 2018

  1. The message, which appears to have been sent by "Pamela Lester <plester@umass.edu>" uses informal language with spelling and grammar errors - for example, the message opens with "Hi," with no punctuation.
  2. Phishing messages often include spelling and grammar errors. For example, this message capitalizes the word "Your" in the middle of a sentence.
  3. The email asks the recipient to click a link with the text "SIGN IN HERE." The link address is not displayed.
    • Hover over links to check the urls for a trusted site before clicking! Hovering over this link shows that it does not lead to a trusted UMass website.
    • Do not enter personal information on untrusted websites. If you are unsure, please email itprotect@umass.edu.

Note: Always verify the identity of the sender before opening any attachments or clicking any links.
If you have a phishing example or question, please email itprotect@umass.edu.

Phishing email example January 31st 2018


FRESH PHISH: January 31, 2018

  1. The sender ("Mucerino, Allan <amucerino@fullerton.edu>") is not a trusted UMass address.
  2. Phishing messages often try to create a false sense of urgency. This message uses language including "Priority: High" and "If you do not reply, this request will be formally closed..." to attempt to trick the recipient into responding quickly without thinking.
  3. The email asks the recipient to click a link with the text "Your incident." The link address is not displayed.
    • Hover over links to check the urls for a trusted site before clicking! Hovering over this link shows that it does not lead to a trusted UMass website.
    • Do not enter personal information on untrusted websites. If you are unsure, please email itprotect@umass.edu.

Note: Always verify the identity of the sender before opening any attachments or clicking any links.
If you have a phishing example or question, please email itprotect@umass.edu.

Phishing email example January 31st 2018


FRESH PHISH: January 13, 2018

  1. The sender ("One Drive <support1@usc.edu>") is not a trusted UMass address.
  2. The email asks the recipient to click a link, which is displayed as a button with the text "Click here to view message." The link address is not displayed.
    • Hover over links to check the urls for a trusted site before clicking! Hovering over this link shows that it does not lead to a trusted UMass website.
    • Do not enter personal information on untrusted websites. If you are unsure, please email itprotect@umass.edu.
  3. Phishing emails often include spelling or grammar mistakes. In this case, the sender spelled "OneDrive" inconsistently.

Note: Always verify the identity of the sender before opening any attachments or clicking any links.
If you have a phishing example or question, please email itprotect@umass.edu.

Phishing email example January 13th 2018


FRESH PHISH: January 13, 2018

Phishing example showing an email which claims to be an information technology service provider saying that your email was 'changed' recently. The email urges the recipient to click one of several links if they don't recognize that activity. The link addresses are not displayed, and the links take the recipient to a fraudulent UMass login page.

  • Sender is not a trusted UMass email address.
  • The email message creates a false sense of urgency by pretending to be a support service and asking the recipient to "contact us urgently for assistance."
  • The email urges the recipient to click several links, which do not display their addresses.
    • Hover over links to check the urls for a trusted site before clicking! Hovering over this link shows that it does not lead to a trusted UMass website.
  • Link directs to a fraudulent login page. 
    • Do not enter personal information on untrusted websites. If you are unsure, please email itprotect@umass.edu.

Note: Always verify the identity of the sender before opening any attachments or clicking any links.

If you have a phishing example or question, please email itprotect@umass.edu.


FRESH PHISH: January 11, 2018

Phishing example showing an email attachment with a link. The message instructs the recipient to click a link which does not show its address. The link directs to a fake version of the Office 365 login page.

  • Sender is not a trusted UMass email address.
  • The email message includes a link to a fraudulent login page. The link address is not displayed.
    • Hover over links to check the urls for a trusted site before clicking! Hovering over this link shows that it does not lead to a trusted UMass website.
  • Link directs to a fraudulent login page. 
    • Do not enter personal information on untrusted websites. If you are unsure, please email itprotect@umass.edu.

Note: Always verify the identity of the sender before opening any attachments or clicking any links.

If you have a phishing example or question, please email itprotect@umass.edu.


FRESH PHISH: January 06, 2018

Phishing example showing an email attachment with a link. The message instructs the recipient to click a link which does not show its address. The link directs to a fake version of the Office 365 login page.

  • Sender is not a trusted UMass email address.
  • The email message includes a link to a fraudulent login page. The link address is not displayed.
    • Hover over links to check the urls for a trusted site before clicking! Hovering over this link shows that it does not lead to a trusted UMass website.
  • Link directs to a fraudulent login page. 
    • Do not enter personal information on untrusted websites. If you are unsure, please email itprotect@umass.edu.

Note: Always verify the identity of the sender before opening any attachments or clicking any links.

If you have a phishing example or question, please email itprotect@umass.edu.


FRESH PHISH: DECEMBER 18, 2017

Phishing example showing an email attachment with a link. The message instructs the recipient to click a link which does not show its address. The link directs to a fake version of the Office 365 login page.

  • Sender is not a trusted UMass email address.
  • The attached file includes a link to a fraudulent login page. The link address is not displayed.
    • Hover over links to check the urls for a trusted site before clicking! Hovering over this link shows that it does not lead to a trusted UMass website.
  • Link directs to a fraudulent login page. 
    • Do not enter personal information on untrusted websites. If you are unsure, please email itprotect@umass.edu.

Note: Always verify the identity of the sender before opening any attachments or clicking any links.

If you have a phishing example or question, please email itprotect@umass.edu.


FRESH PHISH: DECEMBER 18, 2017

Phishing example showing an email which was not sent by a trusted UMass email address. The email message instructs the recipient to click a link which does not show its address. The link directs to a fake version of the UMass Amherst login page.

  • Sender is not a trusted UMass email address.
  • The email message includes a link to a fraudulent login page. The link address is not displayed.
    • Hover over links to check the urls for a trusted site before clicking! Hovering over this link shows that it does not lead to a trusted UMass website.
  • Link directs to a fraudulent login page. 
    • Do not enter personal information on untrusted websites. If you are unsure, please email itprotect@umass.edu.

Note: Always verify the identity of the sender before opening any attachments or clicking any links.

If you have a phishing example or question, please email itprotect@umass.edu.


FRESH PHISH: DECEMBER 14, 2017

Phishing example showing an email which was not sent by a trusted UMass email address. The email message instructs the recipient to click a link which does not show its address. The link directs to a fake version of the UMass Amherst login page.

  • Sender is not a trusted UMass email address.
  • The email message includes a link to a fraudulent login page. The link address is not displayed.
    • Hover over links to check the urls for a trusted site before clicking! Hovering over this link shows that it does not lead to a trusted UMass website.
  • Link directs to a fraudulent login page. 
    • Do not enter personal information on untrusted websites. If you are unsure, please email itprotect@umass.edu.

Note: Always verify the identity of the sender before opening any attachments or clicking any links.

If you have a phishing example or question, please email itprotect@umass.edu.


FRESH PHISH: DECEMBER 12, 2017

Phishing example showing an email which was not sent by a trusted UMass email address. The email message instructs the recipient to click a link which does not show its address. The link directs to a fake version of the UMass Amherst login page.

  • Sender is not a trusted UMass email address.
  • The email message includes a link to a fraudulent login page. The link address is not displayed.
    • Hover over links to check the urls for a trusted site before clicking! Hovering over this link shows that it does not lead to a trusted UMass website.
  • Link directs to a fraudulent login page. 
    • Do not enter personal information on untrusted websites. If you are unsure, please email itprotect@umass.edu.

Note: Always verify the identity of the sender before opening any attachments or clicking any links.

If you have a phishing example or question, please email itprotect@umass.edu.


FRESH PHISH: DECEMBER 11, 2017

Phishing example showing an email which was not sent by a trusted UMass email address, despite containing UMass Amherst branding. The email message instructs the recipient to click a link which does not show its address. The link directs to a fake version of the UMass Amherst login page.

  • Sender is not a trusted UMass email address.
  • The attached file includes a link to a fraudulent login page. The link address is not displayed.
    • Hover over links to check the urls for a trusted site before clicking! Hovering over this link shows that it does not lead to a trusted UMass website.
  • Link directs to a fraudulent login page. 
    • Do not enter personal information on untrusted websites. If you are unsure, please email itprotect@umass.edu.

Note: Always verify the identity of the sender before opening any attachments or clicking any links.

If you have a phishing example or question, please email itprotect@umass.edu.


FRESH PHISH: DECEMBER 8, 2017

Phishing example showing an email which appears to be from the Office of the Controller - though the actual email address is not a trusted UMass address. The phishing email instructs the recipient to download a file, which is actually link to a fraudulent login page.

  • Sender is identified as the Office of the Controller, but the actual address is not a UMass address.
  • The message instructs the recipient to view a file. Do not download or view files which you did not expect to be sent.
  • The attached file includes a link to a fraudulent login page. The link address is not displayed.
    • Hover over links to check the urls for a trusted site before clicking! Hovering over this link shows that it does not lead to a trusted UMass website.
  • Link directs to a fraudulent login page. 
    • Do not enter personal information on untrusted websites. If you are unsure, please email itprotect@umass.edu.

Note: Always verify the identity of the sender before opening any attachments or clicking any links.

If you have a phishing example or question, please email itprotect@umass.edu.


    FRESH PHISH: NOVEMBER 8, 2017

    phishing example showing an email from a non-umass address with links which are not displayed. the links direct to a fake UMass SSL login page. The web address of the fake login page is not a trusted UMass address, and is visible in the addressbar.

    • Sender is identified as UMass Amherst, but the actual address is not a UMass address.
    • The link address in the message is not displayed. 
      • Hover over links to check the urls for a trusted site before clicking! Hovering over this link shows that it does not lead to a trusted UMass website.
    • Link directs to a fraudulent login page. 
      • Do not enter personal information on untrusted websites. If you are unsure, please email itprotect@umass.edu.

    Note: Always verify the identity of the sender before opening any attachments or clicking any links.

    If you have a phishing example or question, please email itprotect@umass.edu.

     

    phishing example showing an email with links which are not displayed. the links direct to a fake UMass login page.

    Phishing example

    phishing examples_vertical 12.16.png

    phishing examples 12.1.62.png

    phishing examples_vertical 11.18.16.png

    phishing examples_vertical 11.7.16  4 TH4.png

    phishing examples_vertical 11.7.16  4 TH3.png

    phishing examples_vertical 11.7.16  4 TH2.png

    phishing examples_vertical 11.7.16  4 TH.png

    fresh.phish (9.6.16).png