Latest Email Scams

Below is a collection of real-life phishing examples that IT Security has acted upon and notes on what gives them away as email scams.

  Subscribe to the Email Scams RSS feed

  Follow us on Twitter for the latest Email Scams

From: "Chammout, Michael MD" <Michael.Chammout@maringeneral.org>
To: "sd@gm.org" &lt;sd@gm.org&gt;
Date: Wed, 20 Jul 2016 02:19:14 -0700

Body:

Your incoming emails are placed on Hold/pending status,
In order to start receiving your messages, Click here<http://www.surewayministries.org/ext/secure/>

From: "HR.uchicago.edu" <alexanderemily@sullivaneagles.org>
Subject: UPDATE YOUR PROFILE.

Body:

We are updating our database, kindly login<https://www.cognitoforms.com/Shibboleth2uchicagoedu1/SignIn> to update your details to enable us keep track of your records on our database. Please ignore this message if you have already updated your details. 

Please click here to update your account.<https://www.cognitoforms.com/Shibboleth2uchicagoedu1/SignIn> 

Sorry for any inconveniences this may cause you. 

Sincerely, 

Mike Knitter 
Interim Associate Vice President, Human Resources 
The University of Chicago Human Resources 
6054 S. Drexel Ave. 
Chicago, IL 60637 

From: University of Chicago Law School <g*******@uchicago.edu>
Date: Sunday, July 17, 2016 11:29 AM
Subject: Staff Meeting Notification

Body:

You have a staff meeting notification.

Click here <http://fmcpinturas.com.br/TbL5cxJZ/uchicago/> to view full details

Thank you.
University of Chicago Law School

From: Richard Krezwick <richard.krezwick@aegeurope.com>
Date: Fri, 15 Jul 2016 13:42:04 +0000
Subject: Help Desk.

Body:

This message is from Help Desk. Please read attached document regarding your account verification to avoid deactivation.

Technical Support
192.168.0.1
Copyright @ 2016 All rights reserved.
This email and the files transmitted with it are confidential and may be privileged. If you have received this email in error you are on notice of its status. Please notify the sender immediately and delete the material from any computer. If you are not a named addressee any use of this email, its contents or attachments is strictly prohibited.
AEG Europe is not responsible for the completeness or accuracy of this communication as it has been transmitted over a public network. Whilst AEG Europe monitors all communications for potential viruses, AEG Europe makes no representations or warranties as to the absence of viruses in this email or any attachments and accepts no responsibility for any loss or damage caused by this email and the information it contains. Addressees should scan this email and any attachments for viruses.
Anschutz Sports Holdings Limited (trading as AEG Europe) is a private limited company registered in England and Wales (company number 03469870) whose registered office is at The Studio, The O2, London, SE10 0DX.
Ansco Management Limited is a private limited company registered in England and Wales (company number 04190729) whose registered office is at The Studio, The O2, London, SE10 0DX.
Ansco Arena Limited is a private limited company registered in England and Wales (company number 04350252) whose registered office is at The Studio, The O2, London, SE10 0DX.

How you know this is a Phishing Scam:

The attachment had an embedded URL in it 

From: "Mail Service" <Info@services.com>
Date: Fri, 15 Jul 2016 07:31:28 +0100
Subject: Update Your Account

Body:

Dear , Your account storage capacity is very low.
We may be forced to terminate the activities of your account, if the data exceeds the maximum capacity. Proceed by clicking the "Upgrade Now" http://nojarosart.com/kbi/web.html link below to upgrade.
Valid from expiration Upgrade
July 15, 2016 July 18, 2016 Upgrade Now http://nojarosart.com/kbi/web.html
Your mailbox security is our primary concern. Thanks for taking additional steps to keep your account safe.
Thanks,
Member Services
Replies sent to this email address cannot be answered. For additional help, please contact us at 1(800) 730-2669 FREE.

---
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus

How you know this is a Phishing Scam:

Aside from being a truly awful grammatical trainwreck, it includes a very sketchy 1-800 number that will almost certainly lead you to a phone tech support scam.

The antivirus scan notice at the bottom is also another important lesson - not all that's scanned by antivirus is safe... if the scan notice is even legitimate.