Santa Clara University

Information Security Office

Phishing Examples

RSS Subscribe to Phishing Examples
 
 
RSS

A Phishing Guide: Don't Get Fooled by Emails

Don't know what phishing emails looks like? Well, you've come to the right place! Here, you will find examples of phishing emails and how to spot them.

The following postings have been filtered by tag phish. clear filter
  •  Report Phish Emails on Gmail and Yahoo Mail!

    Wednesday, Apr. 15, 2015
    phishing image

    How to Recognize Phishing:
    Always be wary of any message that asks for your personal information or messages that refer you to a web page asking for personal information. If you receive this type of message, please DO NOT provide any personal information or click on any links.

    Messages or websites phishing for information might ask you to enter:

    • Usernames and passwords
    • Social Security numbers
    • Bank account numbers
    • PINs (Personal Identification Numbers)
    • Full credit card numbers
    • Your mother’s maiden name
    • Your birthday

    Before Clicking: 
    Pay attention to sign-in screens.
    Cyber criminals can use links in emails, tweets, posts and online advertisements to direct you to fake sign-in screens, where they can steal your password. Only sign in to your account when you are certain you visited the real site directly. Check the Internet address to be sure.

    Report Phish Emails: 

    To report phishing in Gmail:

    1. select the email you are reporting
    2. click the down arrow next to "Reply"
    3. select “Report phishing.” 

    To report phishing in Yahoo:

    1. select the email you are reporting
    2. click the down arrow next to "Spam"
    3. Click "Report a Phishing Scam"

     As easy as 1-2-3 AND YOU'RE DONE. 

  •  10 Million Dollars for You!

    Monday, Jul. 21, 2014

     The sender of this email is claming that after you give them your personal information (full name, address, phone, valid ID, occupation, age/sex), you will receive a Visa ATM Card with ten million dollars on it! Now that sounds way too good to be true. Here's why:

    The first major red flag is that the email is asking for personal information for a bank in Benin Republic, which is a country in Africa, as "quickly as possible". Secondly, how do you have ten million dollars waiting for you? That sounds like the beginning of a scam. Don't fall for it. Also, the email is sent from abuse@scu.edu, even though the sender is in Benin, Africa. 

    The verdit: this is a phishing scam. 

     
  •  Church Work Phish

    Wednesday, Jul. 2, 2014

     The Information Security Office recently recieved a phishing email. How did we know that it was a phish email?

    After reading through the first paragraph of the email, notice that there are grammatical errors and the wording is very strange. The second paragraph also has grammatical errors. It tries to get people to reply to the email saying that the woman's husband is dead, but rich. It's a typical my-husband-is-dead-but-I-got-his-money-and-I'm-giving-it-away phish. The third paragraph should be the most suspicious because it says "this fund is deposited in a bank in the country where my husband worked ...", so you have to give her your personal informtion so a lawyer can transfer it to you. Please remember to never give out personal information to suspicious emails. Last but not least, the basis of the donation was on the user's "church work". But the ISO doesn't really do church work, so it's strange that someone would donate money for the ISO's "church work" . Therefore, this is a phishing email. 

    If you recieve an email similar to this, PLEASE DO NOT RESPOND BACK!

    church work phish email
Information Security Office, 1-408-554-5554, iso@scu.edu