A phishing email seeming to notify RIT students of issues with their immigration and citizenship status. This email urges students to click on the provided link or call the number to avoid arrest and any further problems. Below is a list of several red flags found in the email and a screenshot of the phish:
First step in a business email compromise (BEC) account is reconnaissance. This email looks harmless, but enables the attacker to start a dialog with the recipient. After engaging in conversation, the attacker will typically ask the recipient to purchase gift cards, and provide the numbers to them. The attacker will cash out the gift cards within seconds.
A phishing email encouraging all students and staff members to update their "EDU" in order to access new features and avoid an account deactivation. Below you will find a list of red flags within the email and a screenshot of what the phish looked like.