RIT PhishBowl

phishy line-up photo




Welcome to the RIT PhishBowl, your source for the latest phishing attempts reported at RIT




How do I use the RIT PhishBowl?

If you receive a suspicious email, visit the RIT PhishBowl and scan the list of recent phishing alerts. If the email is posted, there's no need to report it. Simply delete the email and you're done.

If the suspicious email is not posted to the RIT PhishBowl, report the phish:
  1. Open a new mail note
  2. Drag the phishing attempt into the new mail note
  3. Send the mail note to spam@rit.edu


All Students and Members of Staff are to update their EDU

Recieved 12 April 2021

A phishing email encouraging all students and staff members to update their "EDU" in order to access new features and avoid an account deactivation. Below you will find a list of red flags within the email and a screenshot of what the phish looked like.

Red flags in the email:

  • Sender's emaiis not RIT administered.
  • Creating a sense of urgency.
  • Spelling and grammar miskates.
  • A suspisiocus link.

 

No Kid Hungry Job Scam

Received mid March 2021

A phishing email purporting to offer a work from home opportunity for No Kid Hungry was received by the RIT Community. 

There are several cues in the message that it's not authentic. I've included a screenshot of the phish, but here's a list of cues:

  • Sender address is not associated with the company offering the work
  • There is no addressee name
  • There is inconsistent capitalization and punctuation
  • Contact email is a gmail address
  • Job description is typical of work-at-home scams.

 

Fake COVID 19 Maps

There is a malicious website masquerading as a live map for Coronavirus COVID-19 Global Cases by Johns Hopkins University that is circulating on the Internet to entice unwitting users to visit.  Visiting the website infects the user with the AZORult trojan, an information stealing program which can exfiltrate a variety of sensitive data.  The URL for the malicious site is (corona-virus-map[dot]com). 

Get Paid to Drive Scam

A number of colleges and universities are reporting a new scam where students are paid to have advertising placed on their cars. The students receive a check and are asked to forward a portion of the funds. The check is fraudulent, but usually gets through the initial bank screening. Please report any emails offering this to spam@rit.edu. If you or someone you know has fallen for the scam, please contact RIT Public Safety.