RIT PhishBowl

phishy line-up photo

Welcome to the RIT PhishBowl, your source for the latest phishing attempts reported at RIT

How do I use the RIT PhishBowl?

If you receive a suspicious email, visit the RIT PhishBowl and scan the list of recent phishing alerts. If the email is posted, there's no need to report it. Simply delete the email and you're done.

If the suspicious email is not posted to the RIT PhishBowl, report the phish:
  1. Open a new mail note
  2. Drag the phishing attempt into the new mail note
  3. Send the mail note to spam@rit.edu

Are you available?

We’re seeing a large number of attempted Business Email Compromise (BEC) emails where the scammer impersonates a manager or leader to engage the recipient in a conversation thread. There’s no initial request, but once a conversation is started, the scammer will ask the recipient to purchase a number of gift cards (or engage in a financial transaction). Industry reports indicate a high susceptibility rate to this type of scam.

BEC attempt example:

Email #1


This scam has been seen around universities and colleges and showed up at RIT in August. It uses the name of a superior to engage the recipient. The scammer then tries to get the recipient to purchase gift cards for the scammer. Please forward any copies received to spam@rit.edu