Phishing Scams: Some Quick Facts

There is a constant stream of messages being received purporting to be from banks, credit unions, the IRS, other government entities, individuals with get rich quick schemes and nonexistent lotteries. There are messages enticing you to provide bank account numbers, passwords, or other personal info; open infected attachments; or go to websites designed to infect your computer with malware (e.g., viruses, trojans, worms, keystroke loggers). There is even an e-mail scam involving death threats designed to extort payment to avoid being killed. Identity theft spam and scams are becoming more sophisticated, and these are all cons designed to gather information useful in spamming and other illegal Internet-based con games.
UB currently receives in the neighborhood of 4 million spam messages each day. While our spam filters are very good, they are not perfect and they do take some time to identify new types of spam. You need to be on the lookout for identity theft and other scams.

Now that many users are familiar with phishing schemes, thieves are switching their efforts to "vishing" -- leaving recorded phone messages telling recipients that their credit card numbers have been breached and to call the following regional phone number immediately. When a user calls the number, they reach a Voice over Internet Protocol (VoIP) telephone system that recognizes telephone keystrokes, and another message tells them to provide their account number to verify their account.

Healthy skepticism is the best approach to anything you receive via email or telephone broadcast. Here's some specific recommendations:

  • Don't open attachments or click on websites in unsolicited e-mail from sent from unknown sources.
  • You should never email your password or any other private information (e.g. credit card number, driver's license number, bank account information or social security number), and UB will never ask you to do so.
  • Don't be tricked - never reveal your password(s) to anyone.
  • Reputable banks and financial institutions will never ask for your account numbers, pins or passwords by email.
  • Never enter your credit information into a non-secured web page. A secured web page starts with https:// (note the "S" for "Secure") and will display a lock on the browser frame.
  • Never contact a bank, credit card company, or other business using the phone number provided in an email or recorded phone message: many scam artists and identity thieves send messages that look or sound official, purporting to be from a reputable business or organization, seeking account or other personal information from you. Don't trust this type of message: look up phone numbers of your bank and other organizations in a phone directory or other official source.
  • Don't fall for stories about winning the lottery, promises of money from newly discovered relatives or requests to act as an agent for a business or individual. If the story sounds too good to be true, it is a probably a scam.



Latest UB Phishing Samples: Email Scams

Jimdo Helpdesk Support Phish

The following is an example of a phishing message and the hints that give it away as a scam.

Hints

  • Mail does not come "From" "@buffalo.edu"
  • Threatens loss of account if not filled out
  • Hovering on links in the mail reveals that they lead to a website that does not end in "buffalo.edu"

Impact

  • Clicking on the links contained in the scam takes you to a website that steals your UB credentials.

Advice

  • Delete the mail; Do not click on any links in it.
  • Advice on scams -- provided by UB
  • If you clicked on the links in the scam and entered your credentials into the subsequent website, change your password on those account(s) immediately.

Example Scam

AttachmentSize
jimdo20131113.png41.48 KB

Phish: CIT Upgrade

The following is an example of a phishing message and the hints that give it away as a scam.

Hints

  • Mail does not come "From" "@buffalo.edu"
  • Subject line is blank
  • Hovering on links in the mail reveals that they lead to a website that does not end in "buffalo.edu"

Impact

  • Clicking on the links contained in the scam takes you to a website that steals your UB credentials.

Advice

  • Delete the mail; Do not click on any links in it.
  • Advice on scams -- provided by UB
  • If you clicked on the links in the scam and entered your credentials into the subsequent website, change your password on those account(s) immediately.

Example Scam

AttachmentSize
datacenterupgrade.png33.32 KB

Phishing: Reconfigure Your Outlook

The following is an example of a phishing message and the hints that give it away as a scam.

Hints

  • Mail does not come "From" "@buffalo.edu"
  • Hovering on links in the mail reveals that they lead to a website that does not end in "buffalo.edu"

Impact

  • Clicking on the links contained in the scam takes you to a website that steals your UB credentials.

Advice

  • Delete the mail; Do not click on any links in it.
  • Advice on scams -- provided by UB
  • If you clicked on the links in the scam and entered your credentials into the subsequent website, change your password on those account(s) immediately.

Example Scam

AttachmentSize
reconfigureyourmail-20131111.png56.22 KB

Buffalo Abuse Support 20130523

The following is an example of a phishing message and the hints that give it away as a scam.

Hints

  • Mail does not come "From" "@buffalo.edu"
  • Hovering on links in the mail reveals that they lead to a website that does not end in "buffalo.edu"

Impact

  • Clicking on the links contained in the scam takes you to a website that steals your UB credentials.

Advice

  • Delete the mail; Do not click on any links in it.
  • Advice on scams -- provided by UB
  • If you clicked on the links in the scam and entered your credentials into the subsequent website, change your password on those account(s) immediately.

Marked Up Scam

AttachmentSize
buffaloabusesupport20130523.png70.19 KB

Team Buffalo Mail 20130514

The following is an example of a phishing message and the hints that give it away as a scam.

Hints

  • Mail does not come "From" a "@buffalo.edu" address
  • Hovering on links in the mail reveals that they lead to a website that does not end in "buffalo.edu"

Impact

  • Clicking on the links contained in the scam takes you to a website that steals your UB credentials.

Advice

  • Delete the mail; Do not click on any links in it.
  • Advice on scams -- provided by UB
  • If you clicked on the links in the scam and entered your credentials into the subsequent website, change your password on those account(s) immediately.

Marked Up Scam

AttachmentSize
teambuffalomail1.png59.26 KB

Buffalo Email Administration (20130503)

The following is an example of a phishing message and the hints that give it away as a scam.

Hints

  • Bad grammar and misspellings
  • Hovering on links in the mail reveals that they lead to a website that does not end in "buffalo.edu"

Impact

  • Clicking on the links contained in the scam takes you to a website that steals your UB credentials.

Advice

  • Delete the mail; Do not click on any links in it.
  • Advice on scams -- provided by UB
  • If you clicked on the links in the scam and entered your credentials into the subsequent website, change your password on those account(s) immediately.

Marked Up Scam

AttachmentSize
buffaloemail20130503.png49.77 KB

Stranded Professor (20130501)

The following is an example of a phishing message and the hints that give it away as a scam.

Hints

  • "From" address is not @buffalo.edu but is claiming to be a member of our faculty (the professors published address in the UB Directory is @buffalo.edu)
  • The phone number (not shown in screenshot) did not correspond to the professor's phone number listed in the UB Directory.
  • Asking for money via email
  • Claims to be a stranded traveler but does not have access to a phone
  • Contacted you and not their immediate family
  • Is very similar to this scam.

Impact

  • Replying to the email leads to further correspondence with the scammer in an attempt to get you to send the money

Advice

  • Delete the mail; Do not click on any links in it.
  • Advice on scams -- provided by UB
  • If you replied to a scam like this, or gave out any private information (bank information) contact your local law enforcement and your bank for help.

Marked Up Scam

AttachmentSize
strandedprofessor20130501.png55.35 KB

Buffalo Security Team Phishing (20130426)

The following is an example of a phishing message and the hints that give it away as a scam.

Hints

  • "From" address claims to be "Buffalo Security Team" but does not come from "@buffalo.edu"
  • Hovering on links in the mail reveals that they lead to a website that does not end in "buffalo.edu"

Impact

  • Clicking on the links contained in the scam takes you to a website that steals your UB credentials.

Advice

  • Delete the mail; Do not click on any links in it.
  • Advice on scams -- provided by UB
  • If you clicked on the links in the scam and entered your credentials into the subsequent website, change your password on those account(s) immediately.

Marked Up Scam

AttachmentSize
20130426-buffalosecurityteam.png64.58 KB

Buffalo Email Phishing

The following is an example of a phishing message and the hints that give it away as a scam.

Hints

  • "From" address claims to be "Buffalo Email Support" but does not come from "@buffalo.edu"
  • Hovering on links in the mail reveals that they lead to a website that is not "buffalo.edu"

Impact

  • Clicking on the links contained in the scam takes you to a website that steals your UB credentials.

Advice

  • Delete the mail; Do not click on any links in it.
  • Advice on scams -- provided by UB
  • If you clicked on the links in the scam and entered your credentials into the subsequent website, change your password on those account(s) immediately.

Marked Up Scam

AttachmentSize
buffaloemail-20130419.png45.02 KB

USPS Package Waiting (March 2013)

The following is an example of a phishing message and the hints that give it away as a scam. It's a bit more clever than other phishing attempts and disguises the URL fairly well. However, by hovering on the URL you can, as usual, see that this is a phishing attempt.

Hints

  • Hovering on links in the mail reveals that they lead to a website that is not "buffalo.edu"

Impact

  • Clicking on the links contained in the scam takes you to a website that steals your credentials.

Advice

  • Delete the mail; Do not click on any links in it.
  • Advice on scams -- provided by UB
  • If you clicked on the links in the scam and entered your credentials into the subsequent website, change your password on those account(s) immediately.

Marked Up Scam

AttachmentSize
usps-march2013copy.png125.09 KB