Latest Email Scams

Below is a collection of real-life phishing examples that IT Security has acted upon and notes on what gives them away as email scams.

  Subscribe to the Email Scams RSS feed

  Follow us on Twitter for the latest Email Scams

From: Zoe Basquil <>
To: Zoe Basquil &lt;;
Date: Mon, 22 Aug 2016 20:07:47 +000
Subject: IT Service desk


Admin/Account Re-validation, we're upgrading staff and student e-Mail account to new version of Outlook Web Access. kindly click on <> <> OUTLOOK WEB ACCESS <> and act as instructed. Thank you IT Service desk

From: Jarrell, Jenna Cherise <>
To: &lt;;
Date: Monday, August 22, 2016 4:20 PM
Subject: Service Admin


Dear Student/Staff Your mailbox has exceeded its storage limit, if you do not re-validate your e-mail administrator, you will not be able to receive new mail until you re-validate it.


and login your information to re-validate your email account to enable you have more storage space to send and receive new mails.
ITS Help Desk
For Student's/Staff's

From: "University of Chicago" <>
Date: Aug 12, 2016 5:52 PM
Subject: Package Alert


Hello, You have a new package waiting for you at the University Post Office,

Here is everything we know about your package: it is a Courier Perishable

No notes attached. For more details about your package, please visit this *Link* <>

Thank you,

University of Chicago

How you know this is a Phishing Scam:

There is no University of Chicago "Post Office," and a URL shortener was used to hide the final destination of the link - a webpage designed to steal your credentials.

From: University of Chicago <redacted@uchicago.edua>
To: undisclosed-recipients:;
Date: August 13, 2016 at 2:07:11 PM CDT
Subject: Student Event


Hello, University of Chicago student events program list of names

Here are the names of the student for the new events activities.

Kindly follow this Event link <> to check your name and more information about the event.

University of Chicago

How you know this is a Phishing Scam:

This phish was more complicated that most. The URL is a shortened version of the actual URL, that leads to <>. The only way to find out the actual URL, you'd have to use a URL expander to un-shorten the URL.

From: Carrizo, Noelia <>
To: Carrizo, Noelia
Date: Wednesday, August 10, 2016 9:44 AM
Subject: Staff/Faculty Security Update


Security alert

Protecting your account is a matter taking seriously.
Due to recent activities going on in your account we hereby suspend your account from sending and receiving of messages. Click Here: <> to Update your account.

Note: if you do not update your account in the next 18 hours you will loose access to your account totally.