Latest Email Scams

Below is a collection of real-life phishing examples that IT Security has acted upon and notes on what gives them away as email scams.

  Subscribe to the Email Scams RSS feed

  Follow us on Twitter for the latest Email Scams

From: Iomini, Carlo <>
Date: Thu 10/20/2016 1:42 PM
Subject: Microsoft 2016 Update


2016 from 10PM. We are moving all email account to the new Microsoft 2016 Outlook Web App. Your current webmail is out of date, please CLICK HERE <>   to complete the verification process. Inability to complete this procedure will render your account inactive.

We apologize for any inconvenience this may be causing.

Thank You.
Webmail Administration
Copyright @2016

From: Webadvisor <>
Date: Wednesday, October 19, 2016 6:32 PM
Subject: The new Outlook Web app for Staff/Student is the new home for online self-service and information.


The new Outlook Web app for Staff/Student is the new home for online self-service and information.
Click on < here> <> and login to:
·  access the new staff directory
·  access your pay slips and P60s
·  update your ID photo
·  look up student records using the contact search facility
·  use our quick links at the bottom of each page to help you find relevant tools and info

From: Robert Zimmer <>
To: &lt;;
Date: Tuesday, October 18, 2016 2:11 PM
Subject: Payment


Hi (name),

I have due Invoice(New Vendor) for payment , Can you process payment today .


Robert Zimmer


Sent from my Verizon 4G LTE Tablet

How you know this is a Phishing Scam:

The email is signed by a person of high importance, however it is poorly written.  A clear indicator that it could not have been sent by this person and should cause the recipient to question its validity.  Therefore, the recipient should not take attention, including opening any attachments accompanying the email.

From: "Burns, Nancy" <>
To: "" &lt;;
Date: Tue, 18 Oct 2016 11:38:15 +0000
Subject: To All Faculty\Staff



To All Faculty\Staff

Take note of this important update that our new web mail has been improved with a new messaging system from Outlook Web Access which also include faster usage on email, shared calendar, web-documents and the new 2016 anti-spam version.

Please use the link below to complete your upgrade for our new Outlook Web Access improved web mail.


IT Service Desk Support.

How you know this is a Phishing Scam:

The link being referenced in the email is not from a credible site. Also, the email is missing contact information to the person/group sending this email for any further follow-up by recipient.

From: David Beagley <>
Date: Tue, 11 Oct 2016 08:02:03 -0700
Subject: Re:



Dear Dr. <name here>;

I recently read your last article and it was very useful in my field of 

I wonder, if possible, to send me these articles to use in my current 



Thanks for you Cooperation in Advance.

Dr. David Beagley
La Trobe University
Faculty of Art
Department of Political Studies

How you know this is a Phishing Scam:

First, the first URL has a fake University of Chicago login -- as it ends in 'in' and is in India.  We don't have such authentication servers in India.

The request is odd - researchers wouldn't be asking the recipients of these emails to have these articles sent in this manner;  purported sender's field doesn't match the nature of the article.  Recipients are not the article's authors.  Science direct articles aren't generally free to the public.

The dubious inclusion of the login page is a sign of credential harvesting.