ITS PHISH TANK

phishing

ITS PHISH TANK: An Updated List of Current Phishing Scams to Beware of and to Avoid

WHAT IS PHISHING? | PHISHING TANK - up to date | PHISHING EXAMPLES 

This page is updated regularly for your review and safety.
For more TIPS and HELPFUL INFO. based on these and related scams to be aware of, go to BINGHAMTON.EDU/ITS/PHISHING. If you think you’ve received a phishing email or scam, report it to security@binghamton.edu.

Contact the ITS Help Desk at 607-777-6420 or email helpdesk@binghamton.edu with any questions. SEE images below so you know to avoid these scams.

SPRING 2024

Six cybersecurity risks and how to prepare

------------------------------------
From BINGSAFETY:

Malicious actors utilizing  new scams focusing on concert tickets and student employment opportunities have been targeting college-aged students across the country, including those attending Binghamton University.

In this latest concert ticket scam, the suspect typically initiates contact through group message boards such as GroupMe or Discord. They present unsuspecting victims with the opportunity to purchase concert tickets, often accompanied by an illegally obtained digital copy of a student ID to falsely claim an affiliation with the university. Once a price is agreed upon, the victim is asked to Venmo the funds to an account and provide a copy of their own student ID. Unfortunately, the scammer then keeps the money, and may send fake tickets or provide no tickets at all. The illegally obtained copy of the victim's ID is then used to perpetuate the scam.

The scams focusing on employment opportunities have been targeting college-aged students across the country, including those attending Binghamton University. In this scam, the suspect initiates contact with potential victims via mass email. The email, seemingly sent from a university faculty member, serves as an advertisement for a university employment opportunity. Although the specific job advertised may vary, it often revolves around an administrative or research assistant position. Upon the victim's response to the job posting, the suspect proceeds to ask a series of interview questions, extracting personal information during the process. Subsequently, the suspect offers employment and sends a fraudulent check to the victim, purportedly for the purchase of office supplies and gift cards. The suspect then requests that the remaining funds, along with the security codes from the gift cards, be returned. Unfortunately, the fraudulent check bounces, leaving the victim responsible for reimbursing their credit agency for the withdrawn funds.

To minimize the risk of falling victim to this or any scam, consider implementing the following preventive measures:

1. Refrain from accepting friend requests or following individuals whom you have not personally met or established a genuine connection with.

2. Never disclose any personal information online, including passwords, cell phone numbers, dates of birth or common security questions such as your mother's maiden name.

3. Never send a copy of any personal documents such as driver’s licenses, student IDs and/or passports.

4. Never purchase concert tickets via Venmo, as Venmo has a policy stating that all transactions involving concert tickets are final and non-refundable.

If you are a victim of this scam or become a victim of any online fraud, report the incident to the University Police at (607)777-2393 immediately. Information can also be reported anonymously through the University Police website. Your prompt reporting is crucial for our ability to provide swift assistance and effectively address the situation.

FALL 2023

KNOW HOW TO SPOT A SCAM

How to Spot A Phishing Scam

DON'T FALL FOR IT - Binghamton University never sends campus emails out that include a QR code. Beware of this latest scam:

QRC scam


Be cautious with Google Group messages. Here is a recent example of what to watch out for:

Geek Fake Email phish

SPRING 2023

JAN 18: Be on the lookout for campus payment request scams. Never click on any links in an email such as this. What stands out as a scam? Binghamton University will never send out emails with a self service payment portal. 

When in doubt, report the email to security@binghamton.edu, and/or send a copy to the Help Desk. Contact the proposed sender in a separate email for assurance, or phone the department it seems to be coming from.

The first example usually comes first, followed by the second one below that making it sound more urgent.Overdue Billing Campus Email Scam_____________________________________

Email Overdue Fee Scam


FALL 2022

Watch out for withdrawal/fund related emails with attachments.

Withdrawal Hoax

Be on the lookout for fake professor attachment emails!

Fake professor email attachment scam

Be on the lookout for impersonation and campus job scam emails!
SPOT the differences. You'll notice it's external mail, NOT from a Bmail address and the body has poor layout and typos. It also has an unrealistic pay rate or false information.

impersonation scam

------

fake campus job scam


Avoid Student Loan Scams
You never have to pay for help with your federal financial aid or student loans. Learn more about how to avoid scams and understand which companies and claims are legitimate. BE PREPARED! Do your homework.


BEWARE OF THE NEVERENDING COMPUTER TECH BILL SCAMS!

Notice the attachement invoice? They try to lure you in by clicking on the attachment. See the email address is a gmail account, and not a business? NEVER click on an attachment from anyone unless you're totally sure it is legitimate. Chances are in this case, you did not do any business w/ GEEK SQUAD in the first place.

tech email scam

MAY 2022

This particular scam is quite popular appearing as BestBuy, Norton and other companies like this one. If you think you may have dealt with this company before, lookup their actual phone number and call them. As you can see here, the first alert that this is a definite scam is the sender's email address (GMAIL) and the strange name, and the fact that they used a bcc. REPORT/DELETE!

Geek Squad Scam


This phishing scam tries to play on people's concerns of COVID - but keep in mind this is lacking just enough information to draw you in and trick folks. NEVER click on attachments unless you're certain it is safe. As you can see the email address is NOT a Bmail address.

COVID fake test results scam


This next scam is one that's been used by attackers that have compromised some Binghamton University accounts. They're sending the messages through Sharepoint or OneDrive in office.com - so be extra cautious! The University President will NEVER share a file with any students via email.

President scam email


APRIL 2022

Job scammers are getting creative, but we know better. See screenshot of recent job scam below, and review the browswer in browser scam. Never click on any attachment unless you are sure it's legit. 1. Look at the sender's address. 2. Notice the  numerous email addresses this is being sent to - not professional. 3. Binghamton would not send out this simple unprofessional looking email for this type of event, and they would not ask you to fill out an attachment.

InfoSec recommends: In an email, be suspicious of all links, attachments, and login windows. Open up a new browser window to login at an address you type in.
Protect your account with google 2 step.

NEWLY DISCOVERED PHISHING METHOD NEARLY UNDETECTABLE
Criminals constantly evolve their tactics to offset cybersecurity attempts to ruin their payday – and a newly discovered method is especially troublesome. Many (most?) individuals access their personal email via a web browser – so it makes sense for this latest attack method to leverage a web browser “trick”. The phishing scheme uses a “browser in a browser” popup window for the victim to enter their authentication information – which seems legitimate, but turns out to be a hacker-generated skimming window instead. Go here for more helpful information.

Job Internship Scam

MARCH 2022

This type of scam is quite popular recently, so make sure you double check sender's email address (which is a gmail - not Paypal), links, typos,  and the unprofessionalism of the look of the email. RED FLAGS. Do not call the number or reply, report it to security@binghamton and CC: police@binghamton.edu.

Paypal phishing email scam


FEBRUARY 2022

This scam is quite popular when one of your email contacts gets hacked. Be aware, and always check with the person this seems to be coming from, because this one is truly a hoax. Do not click on any links or attachments.

click image for entire email image

Email hoaxe to get the user to click on links


This looks quite real, however they immediately ask for SSN digits, and more personal info. which is never required for an employment application process. Don't be duped. What are the other signs you see here? ALWAYS hesitate with these types of emails! Is the email address real? Does it seem too good to be true? YES. Are there typos? Is the company legit...?

Click image to see larger, more complete email scam.

click image for entire email image

JOB SCAM with SS# request


This one is a current scam that is simple, yet tricky. They want you to think like they're looking out for your best interest and provide some links for you to click on - do not click on them. If you notice, the email address is gmail, and the name is a man's name, yet it addresses as "Hello Dear!". Punctuation and spelling mistakes is an obvious red flag. Click image to see larger, more complete email scam.

Link Phishing Scam


JANUARY 2022

A simple scam that is circulating that's trying to trick you into replying:

DO NOT reply to this fake email, just DELETE it.

Tutor Phishing Scam


A simple scam that is circulating that's trying to get you interested into replying:

DO NOT reply to this fake email, just DELETE it.

simple phishing scam to delete

DECEMBER 2021

Recent employment scam that is circulating:

DO NOT reply to this fake campus email, as they could ask you for your personal information. 

Please note: the sender’s email address and subject can change, same content yet different email, usually a strange gmail address. This is NOT actually from any campus group, and is very unprofessional, as you can see from the generic email address, no message only the "hello.pdf" attachment to entise you to click on it.
DECEMBER PHISHING SCAM

Recent employment scam that is circulating:

DO NOT reply to the email, as they could ask you for your personal information. NEVER click on any attachments unless you are sure it's a legitimate email.

Please note: the sender’s email address and subject can change, same content yet different email, usually a strange gmail address. This is NOT actually from any campus group, and is very unprofessional, as you can see from the generic email address, no message only the "hello.pdf" attachment to entise you to click on it.

DECEMBER PHISHING SCAM


Recent employment scam that is circulating:

DO NOT reply to the email, as they could ask you for your personal information. As you can see the time and pay for this job is unrealistic.

Please note: the sender’s email address and subject can change yet still have the same content just a different email, usually a strange gmail address. This is NOT actually from any campus group, as you can see from the generic email address.

DECEMBER PHISHING SCAM


Recent employment scam that is circulating:

DO NOT reply to the email, as they could ask you for your personal information. 

Please note: the sender’s email address and email subject can change, same content, different email, usually a strange gmail address. This is NOT actually from any campus group, as you can see from the generic email address.

DECEMBER PHISHING SCAM


More Sophisticated McAfee EMAIL SCAM

This is a very realistic looking one which will catch your attention as not ordering this feature so they try to lure you in by clicking links in the body of the email. Notice the GMAIL email adress for the sender.  

CLICK on image for larger version.

Email scam

NOVEMBER 2021

RECENT McAfee EMAIL SCAM

Note the gmail address and time the email was sent.

Harries <harrietsmithasde@gmail.com>
4:31 AM

Greetings,

Thank you for your ongoing participation and commitment to the programs and mandate of membership 2021-2022.

This email is friendly reminder that a fee of $299.00 is debited from your account and the renewal of your subscription has been done with McAfee.

We appreciate you and your ongoing membership with us and if want more information or want to cancel the renewal, please reach our customer care department.

Membership Details:
Invoice  # MC-080-2E8
Plan Name: ProtectionPlan-McAfee
Signup Date: 23 Nov 2021
Fee: $299.00

Thanks.
Billing Department
1-478-607-2799


Please be aware of the following research assistant job scams, with many being repetitive and similar, that have been going around.

NOTE: The scammers typically include the names of real Binghamton University professors in their fake emails (mainly gmail, and obviously not BMAIL) to trigger your interest. ALSO, all Binghamton related job opp's. are posted via HANDSHAKE.

These “offers” are NOT legitimately from Binghamton University professors, and you should ALWAYS check the sender before doing anything.

Here is the best common practice for recognizing these types of emails as a scam.Job Scam - and how to spot one


Recent impersonation scam to be aware of and avoid:

This is a tricky one, as it looks like the President of the University is trying to share a file with you. However, the President or anyone at the university will never send a message like this to anyone. DO NOT click on the link or open the file, as it could release malware onto your device or request you for personal information. Moreover, note that the scammer is using an external gmail address. 

File Share Scam


Recent job hoax to be aware of and avoid September 2021:

Please be aware of External Emails requesting you to text someone for more information.  The scammer is trying to harvest more phone numbers to scam. Please note: the sender’s email address and email subject can change. This is NOT actually from any campus group, as you can see from the generic email address.

Job Hoax


AUGUST 2021

Recent impersonation scam to be aware of and avoid:

This is a tricky one, as it looks like it’s legitimately from the Campus IT Services. However, the ITS will never send a message like this to anyone. DO NOT click on the link, as it could release malware onto your device or request you for personal information.

Impersonation Scam


Recent employment scam that is circulating:

DO NOT reply to the email, as they could ask you for your personal information.

Please note: the sender’s email address is Gmail and not the corresponding organization's email. Even though the content sounds professional to an extent, the scammer is trying to extract your personal information. The scammer is trying to harvest more information to scam.

External Employment Scam


Recent employment scam that is circulating:

DO NOT reply to the email, as they could ask you for your personal information. NEVER click on any attachments unless you are sure it's a legitimate email.

Please note: the sender’s email address and email subject can change, same content, different email, usually a strange gmail address. This is NOT actually from any campus group, as you can see from the generic email address.

Employment Scam


Recent employment scam that is circulating:

DO NOT reply to the email, as they could ask you for your personal information. Please note: the sender’s email address and email subject can change. This is NOT actually from any campus group, as you can see from the generic email address.

Employment Scam

Job Scam


Recent job hoax to be aware of and avoid:

Please be aware of External Emails requesting you to text someone for more information.  The scammer is trying to harvest more phone numbers to scam.

Job Scam


JUNE 2021

Recent employment scam that is circulating:

DO NOT reply to the email, as they could ask you for your personal information. Please note: the sender’s email address and email subject can change. This is NOT actually from any campus group, as you can see from the generic email address.

SCAM JUNE 2021


MAY 2021

Recent research assistant scam to be aware of and avoid:

Note: the scammers typically include the names of real Binghamton University professors in their fake emails to trigger your interest. These “offers” are NOT legitimately from Binghamton University professors, and you should ALWAYS check the sender before doing anything. Binghamton University never sends out these types of emails, as all job openings are posted via Handshake.

Research Assistant Scam


Recent impersonation scam to be aware of and avoid:

This is a tricky one, as it looks like it’s legitimately from the Help Desk. However, the Help Desk will never send a message like this to anyone. And, if you look closely, you’ll notice that the email refers to Binghamton University as “binghamton.edu Corporation.” This is incorrect and a tell-tale sign that this is a scam impersonating the Help Desk. "Not receiving all your MAILS" ... notice the typo, a sure way to spot a fake.

Impersonation Scam


APRIL 2021

Recent student employment scam to be aware of and avoid:

DO NOT reply to the email, as they could ask you for your personal information.

Note: the sender’s email address is Gmail and not Bmail. This is NOT actually from any campus group, as you see the email address is generic, the content sounds unprofessional and there are typos.

Student employment scam


Recent copyright infringement scam to be aware of and avoid:

DO NOT click on the link, as it could release malware onto your device.

Please note: the sender’s email address and email subject are off (see below for a similar scam from March). This is NOT actually from any campus group (notice the sender's email address is dot com not dot edu. Also, notice the typos and google site link. 

Copyright Scam


Employee portal scam to be aware of and avoid:

Be aware of this scam. DO NOT CLICK on the link or input any personal information. This scam has been reported by faculty and students. 

Employee Portal Scam


MARCH 2021

Research assistant scam to be aware of and avoid:

Please be aware of the following research assistant scam. The scammer seems to resend the same email with the professor’s name and “from” email address fluctuates. And, as you see the sender's email address is Gmail not Bmail. There is also a phone number outside of our area code. These are alerts that should trigger your sense into realizing it is a scam.

This job offer is NOT legitimate; the scammers are impersonating real Binghamton University professors. If you receive an email like this, please report it to security@binghamton.edu. 

RA Scam


Recent tax return scam to be aware of and avoid:

This is illegitimate and not actually from the Internal Revenue Service (IRS). The IRS would never send an email like this for a refund.

Tax Scam


JANUARY 2021

Recent COVID and CELL PHONE related scams to be aware of and avoid:

NEW cellphone number request scam: The scammers try to harvest cell phone numbers from individuals. Then they use those numbers to text additional scams, including the infamous gift card request scam. Unfortunately, there is not much to do, but to be aware of this, and to avoid scams such as this one.

Another popular COVID-19 related scam has been circulating to request users to fill out a Google Form. Remember, Binghamton University will never request Binghamton users to provide personal info. online such as social security numbers, user credentials, etc.

Cell Phone Scam

  COVID Fake Form 1

 COVID Fake Form 2


Notification of Phishing Website Targeting SUNY Users

Recently a phishing attack occurred at SUNY Canton with this link mimicking their Blackboard system: https://cantonschool.000webhostapp.com/

If you get any kind of communication with the following link mimicking our myCourses: https://binghamton.000webhostapp.com/, DO NOT CLICK, please report it to: security@binghamton.edu and https://www.000webhost.com/report-abuse.

 
OCTOBER 2020

Job hoax to be aware of and avoid:

Please be aware of External Emails requesting you to text someone for more information.  The scammer is trying to harvest more phone numbers to scam.

Job Hoax


SEPTEMBER 2020

Job scam to be aware of and avoid:

Please be aware that while Athena Consulting (not Athen Consultants) is a legitimate organization, the below email is a phishing scam. Athenconsultants.com (in the sender's email address) is not a real company. 

Fake job

Employment scam to be aware of and avoid:

Please be aware of the following job scam. Remember: unsolicited job offers are rarely legitimate. Legitimate offers will come from organizational emails like Handshake and Bmail (@binghamton.edu). 

Student Position Scam


AUGUST 2020 

Beware: Resurgence of “impersonation” email gift card scam

Binghamton University is seeing a resurgence of “impersonation” email scams, targeting professors and administrative assistants. These messages appear to come from managers or deans, and ask the targeted user to purchase gift cards for them (i.e. iTunes, Amazon, GooglePlay, etc.). Once the attackers receive images of the purchased cards they cease communication.

For any communication requesting personal information or financial transactions, verify the legitimacy of the sender in as many ways possible. And let's be realistic! How many people do you know, family or friends, who would ask you via email to purchase gift cards for them? Many of the messages we have seen use email addresses such as user.binghamton.edu@gmail.com. At first glance this can look like a real Bmail address, but it’s actually a standard generic Gmail address.

If you receive a message that seems out of the ordinary, consider this: Would this person normally ask for this type of information/favor? Is this the actual email address of the sender? Instead of replying to the sent message, create a new email to the user’s actual BMail address to inquire about the request.

Forward any suspicious messages to security@binghamton.edu as soon as possible.


Updated Nov 17, 2022