Santa Clara University

Information Security Office

Phishing Examples

RSS Subscribe to Phishing Examples
 
 
RSS

A Phishing Guide: Don't Get Fooled by Emails

Don't know what phishing emails looks like? Well, you've come to the right place! Here, you will find examples of phishing emails and how to spot them.

  •  10 Million Dollars for You!

    Monday, Jul. 21, 2014

     The sender of this email is claming that after you give them your personal information (full name, address, phone, valid ID, occupation, age/sex), you will receive a Visa ATM Card with ten million dollars on it! Now that sounds way too good to be true. Here's why:

    The first major red flag is that the email is asking for personal information for a bank in Benin Republic, which is a country in Africa, as "quickly as possible". Secondly, how do you have ten million dollars waiting for you? That sounds like the beginning of a scam. Don't fall for it. Also, the email is sent from abuse@scu.edu, even though the sender is in Benin, Africa. 

    The verdit: this is a phishing scam. 

     
  •  Church Work Phish

    Wednesday, Jul. 2, 2014

     The Information Security Office recently recieved a phishing email. How did we know that it was a phish email?

    After reading through the first paragraph of the email, notice that there are grammatical errors and the wording is very strange. The second paragraph also has grammatical errors. It tries to get people to reply to the email saying that the woman's husband is dead, but rich. It's a typical my-husband-is-dead-but-I-got-his-money-and-I'm-giving-it-away phish. The third paragraph should be the most suspicious because it says "this fund is deposited in a bank in the country where my husband worked ...", so you have to give her your personal informtion so a lawyer can transfer it to you. Please remember to never give out personal information to suspicious emails. Last but not least, the basis of the donation was on the user's "church work". But the ISO doesn't really do church work, so it's strange that someone would donate money for the ISO's "church work" . Therefore, this is a phishing email. 

    If you recieve an email similar to this, PLEASE DO NOT RESPOND BACK!

    church work phish email
  •  Advanced Phishing Attack on Google Users

    Thursday, May. 15, 2014
    email from google phish

    Recently, hackers have been targetting Google users' passwords in an advanced phishing scheme. If you receive an email from Google, please make sure it is legitimate. The scam starts with an email from "Google" with "Mail Notice" or "Lookout Notice" as the subject. 

    The email reads: "This is a reminder that your email will be locked out in 24 hours, due to not being able to increase your email storage quota. Go to the INSTANT INCREASE to increase your Email storage automatically" (go to this blog post to see the email screenshot).

    If the user clicks on the INSTANT INCREASE link, the user gets redirected to a fake Google login page (see image in this blog post) where the user is then prompted to put in their credentials. Once the hackers get this information, they will have access to the victim's emails, Google documents, Google Play, Google+, etc. 

    People who are using the Google Chrome browser are at risk, as well as Firefox Mozilla users.

    Please visit this website for more information: http://www.cnbc.com/id/101668517

     

  •  Google Doc Phishing email

    Tuesday, May. 6, 2014

     A Google Doc email phishing scam is making the rounds. It tries to trick Gmail and Google Drive users into giving up the username and password for their Gmail account.

    The scam starts with an email that urges the recipient to view an "important document" on Google Docs by clicking on a link. But when the recipient clicks on the link, it does not go to Google Docs. Instead, the user gets directed to a fake Google Drive login page (a small difference that most users won't notice) that looks like the Gmail login page. Here, he or she is asked to enter the username and password for their Gmail account.

    The fake Google Drive login site looks eerily similar to the real one with Google's signature "One account. All of Google" slogan and the same little icons below for Gmail, Google Drive, Google Maps, Google+ etc.

    Symantec reports the only difference seems to be that it doesn't recognize the user (with a photo, if you normally have that on on your Gmail account, although that may not show up on the real site, either, depending whether you have cookies enabled.) 

    If the user logs in on the fake Google Drive site, their username and password are sent to a compromised web server. The page will redirect to an actual Google Docs document. The user may not notice anything suspicious, but logging in could have big consequences for their bank account.

    In the example posted (click on the thumbnail to view the example), the sender is urging the recepient to click on the Google Doc.

    Phishing Tip: To avoid becoming a victim of a phishing attack (it's when scammers try to obtain people's personal and financial information), never click on a link or attachment in an email from a sender you don't recognize. 





  •  Foreign Language Phishing Example

    Thursday, May. 1, 2014

    Have you ever gotten an email in a language that you couldn't read? It is most likely a phish email or spam. Please remember: DO NOT CLICK ON THE LINKS if there are any. If you can't understand the email, you shouldn't be pressing on anything. Just mark the email as spam and delete it from your inbox. 

    The example image is a Turkish phishing email.

    Tip: If an email subject title seems strange or foreign, don't even bother to click on the email. Just mark it as spam and delete it. You don't know what will happen if you click on the email. 

  •  University Phishing Email Example

    Thursday, Apr. 24, 2014

    "Update your account."

    "Confirm your identity."

    "Failure to do so will cause your account to be immediately deactivated."

    Do these statements seem familiar? If so, you might have come across another type of phishing email. These types of emails create a sense of urgency by saying that the account will be deleted immediately. This might cause some people to panic and not pay attention to what they are clicking or replying to. Always take precautions when you see the key words: failure, immediately, and deactivated in one sentence.

    Click on the thumbnail to view the example. This particular example is a University Webmail message that asks the users to comfirm their identity by providing the email address, username, and password. We have underlined and boxed the things you should watch out for. 

    Tip: You can always check the email address that is sending you the message. If the domain seems unfamiliar, wrong, or unexpected, it might be a phish email. For example, if you receive an email from the SCU ISO website, then the domain should be @scu.edu and not @outlook.com. Make it a habit of checking the small details when an email looks suspicious. Phishing emails often look legitimate until you look closer. 

  •  Bank Phishing Email Examples

    Thursday, Apr. 10, 2014

    Some of the most common phishing emails that people receive are emails from banks informing their customers that their accounts needs to be updated or verifed or that a credit card has been approved. Often times, these emails use legitatimate looking logos, but do not be FOOLED. Banks will never ask you for personal information regarding your password or PIN. Please be wary of emails that asks you for these things. Most likely, it is a phishing email. 

    NEVER CLICK ON A LINK if the email seems to be suspicious. Usually, the link will take you a bogus website designed to look like the actual bank website. You can always roll over the link to see where it will take you (check the bottom of your browser). If you are still in doubt, call your bank.

    In this post, there are three examples of bank phishing emails (go to this blog post and click thumbnails to expand images):

    • Nigeria Republic Branch: This email is suspicious because an ATM card was approved even though you didn't apply for one. Also, pay attention to the name of the bank. 
    • NetBank: Be wary of links. Again, NEVER CLICK ON LINKS. Go to the actual website if you need to sign in. 
    • Wellsfargo: The logo makes it seem like it's the actual bank emailing you. But it's not. Similar looking emails will have some sort of link for you to click on to verify your account. DO NOT CLICK IT. If you must sign in, open a new tab and go to the bank's official webpage first.  

    For your convenience, we have boxed or underlined the parts of these phishing examples that you should always look out for.

     

     

Information Security Office, 1-408-554-5554, iso@scu.edu