RIT Phish Bowl

Report a Phish

If you receive a suspicious email, and it is not already posted here, please report it!

Send an email to spam@rit.edu with the phishing attempt attached.

A job scam email was received beginning Sept. 21. Titles include

  • Application-Administrative Assistant Remote Job
  • Application Administrative Assistant Remote Job
  • Remote Work Position for Student
  • Remote Job Information
  • Re; Administrative Assistant Remote Job

Content was similar to the screenshot.

This is an example of an extortion scam where the attacker may address you by name and include images of your street, often taken from online mapping applications like Google Maps. Despite the personalization of the message, these messages are typically semi-automated and lack any real leverage.

Google Chat request allegedly from Pres. Munson.

The attacker has used Gmail to impersonate an RIT professor. The email requests that student send an email to a "researcher" at surveymonkeyinfo (dot) com to receive a barcode to purchase gift cards to pay for the subscription.

Personal Assistant Remote Position job scam email (5-6-2024)

Indicators include request for PERSONAL "Email Address" For Consideration. Sent from compromised RIT account.

3/26/2024

Phishing email with fake application portal.

Received 3/24/2024

This phish included a spoofed RIT Duo page.

 

 

Mrs. Lu is giving away a violin, camera, piano, and guitar. You pay shipping!

 

11/15/2023 Email from thankview.com

Note, this is a legitimate email, not a phish.

Reported 10/4/2023

Various subject lines. Allegedly a subscription renewal from McAfee Customer Support.

 

 

Reported 10/3/23

Note the inconsistencies in the email and that the attacker asks for a personal email address. 

 

Reported September 2023

The main concern is the QR Code? Where will it take you? Will it go to a malicious website? There are a few indicators that this is not legitimate, specifically since both NYU and Purdue are mentioned in the email. We've updated the QR code so it takes you to the RIT Phish Bowl.

Reported September 2023

This is an example of Microsoft OneDrive being used to send a phishing message with a malicious attachment. Were you expecting this report? Is the sender legitimate?

Reported September 2023

This is a phishing attack that came through Microsoft Sharepoint. Note that the email poses as a forward from President Munson and the recipient of the forward is an RIT leader.

Reported September 2023

This is an example of a Business Email Compromise attack. The attacker is spoofing the name of an RIT leader and attempting to get the recipient to do something for them. In this case, they're allegedly asking to help with a payment.

Reported September 2023

Multiple indicators that this email isn't authentic.

Reported in September 2023
This is phish that provides a link to an external website compromised or belonging to the attacker. Note the external sender.

 

Business Email Compromise attack. Note the generic external email address. You would verify with a known address to determine if it was real. 

 

This attempt came from outside RIT (as noted in the header). If you're not expecting a document to be shared with you, confirm through a known internal email that it's legitimate.

Staff member giving away piano scam. Note the request to reply with a personal email address so that RIT won't be able to block future communications. The goal of this scam is to get people to pay shipping charges.

 


For more information about staying safe online, visit Prevent Phishing