Information Security: Phish Tank

PHISH TANK

A list of Phishing Scams to be aware of and avoid.

What is Phishing

This page is updated periodically for your review and safety.

For more TIPS and HELPFUL INFO based on these and related scams to be aware of, go to PHISHING. If you think you've received a phishing email or scam, report it to security@binghamton.edu.


Contact the ITS Help Desk at 607-777-6420 or submit a ticket. SEE images below so you know to avoid these scams.

2024 - Current Phishing Scams to B-AWARE of...

Discover phishing scam trends across different years


KNOW HOW TO SPOT A SCAM


1. Check the below email on how to spot a phishing scam.

Image on how to spot a scam through email

2. DON'T FALL FOR IT - Binghamton University never sends campus emails out that include a QR code. Beware of this latest scam:

An image depicting a QR code scam email

3. Be cautious with Google Group messages. Here is a recent example of what to watch out for:

An image of a fake Geek email via Google Group message.

Summer 2024

JUNE 26, 2024
To the Campus Community:

Malicious actors utilizing remote access phishing scams have been targeting individuals across the country, including those attending or employed by Binghamton University.

In this scam, the suspect contacts potential victims through a mass email, posing as a trusted source, such as a vendor or company like PayPal. The email warns the recipient of an unauthorized transaction on their account or claims their computer has been hacked, directing them to contact either "tech support" or another company representative. The email provides a phone number for this contact; however, neither the phone number nor the person who answers is affiliated with the mentioned company. When the victim calls the provided number, they are instructed to download a remote access application. Although numerous applications allow remote access to a computer, "LogMeIn" and "AnyDesk" are typically utilized. Once the application is downloaded, the suspect can gain control of the victim’s computer and potentially access all data, including banking information and passwords.

On Tuesday, June 25, the University Police received a report of this scam occurring on Binghamton’s campus. In response to this report and recognizing the ongoing threat posed by such scams, the UPD strongly advises all members of the campus community to exercise caution when interacting with unfamiliar individuals via email. 

To minimize the risk of falling victim to this scam, consider implementing the following preventive measures:

1. Treat all emails alerting you of potential cyber-attacks or fraudulent activity on banking apps with suspicion. If you receive such an alert, do not use the phone number provided in the email. Instead, contact the company directly using a verified phone number from the company’s official website to confirm that the email is fraudulent.

2. Never download a remote access application such as "AnyDesk" or "LogMeIn" at the direction of an unknown person.

3. Never disclose any personal information online, including passwords, cell phone numbers, dates of birth, addresses, or common security questions such as your mother's maiden name.

4. If your computer is accessed remotely, quickly shut down the machine and unplug all cables from the wall. Once this is done, contact Binghamton University Information Technology Services for further guidance on how to protect your computer and information. 

If you become a victim of this or any online fraud, report the incident to the university police at (607)777-2393 immediately. Information can also be reported anonymously through the University Police website: https://www.binghamton.edu/police/anonymous-tips.html. Your prompt reporting is crucial for our ability to provide swift assistance and effectively address the situation.


Spring 2023

JAN 18: Be on the lookout for campus payment request scams. Never click on any links in an email such as this. What stands out as a scam? Binghamton University will never send out emails with a self service payment portal. 

When in doubt, report the email to security@binghamton.edu, and/or send a copy to the Help Desk. Contact the proposed sender in a separate email for assurance, or phone the department it seems to be coming from.

1. The first example usually comes first, followed by the second one below that making it sound more urgent.

An image related to a campus payment request scam.

2. An image related to a campus payment request scam.

Fall 2022

1. Watch out for withdrawal/fund related emails with attachments.

An image related to a withdrawal hoax scam.

2. Be on the lookout for fake professor attachment emails!

An image related to a fake professor email attachment scam.

3. Be on the lookout for impersonation and campus job scam emails!

SPOT the differences. You'll notice it's external mail, NOT from a Bmail address and the body has poor layout and typos. It also has an unrealistic pay rate or false information.

An image related to an impersonation scam.

An image related to a fake campus job scam.

4. Avoid Student Loan Scams

You never have to pay for help with your federal financial aid or student loans. Learn more about how to avoid scams and understand which companies and claims are legitimate. BE PREPARED! Do your homework.

5. Beware of the Neverending Computer Tech Bill Scams!

Notice the attachment invoice? They try to lure you in by clicking on the attachment. See the email address is a gmail account, and not a business? NEVER click on an attachment from anyone unless you're totally sure it is legitimate. Chances are in this case, you did not do any business w/ GEEK SQUAD in the first place.

An image related to computer tech bill scams.

May 2022

1. This particular scam is quite popular, appearing as BestBuy, Norton and other companies like this one. If you think you may have dealt with this company before, look up their actual phone number and call them. As you can see here, the first alert that this is a definite scam is the sender's email address (GMAIL) and the strange name, and the fact that they used a bcc. REPORT/DELETE!

An image related to a Geek Squad scam.

2. This phishing scam tries to play on people's concerns of COVID - but keep in mind this is lacking just enough information to draw you in and trick folks. NEVER click on attachments unless you're certain it is safe. As you can see the email address is NOT a Bmail address.

An image related to a COVID fake test results scam.

3. This next scam is one that's been used by attackers that have compromised some Binghamton University accounts. They're sending the messages through SharePoint or OneDrive in office.com - so be extra cautious! The University President will NEVER share a file with any students via email.

An image related to a scam email impersonating the university president.

April 2022

Job scammers are getting creative, but we know better. See screenshot of recent job scam below, and review the browser in browser scam. Never click on any attachment unless you are sure it's legit. 1. Look at the sender's address. 2. Notice the numerous email addresses this is being sent to - not professional. 3. Binghamton would not send out this simple unprofessional looking email for this type of event, and they would not ask you to fill out an attachment.

InfoSec recommends: In an email, be suspicious of all links, attachments, and login windows. Open up a new browser window to login at an address you type in.
Protect your account with Google 2-step.

NEWLY DISCOVERED PHISHING METHOD NEARLY UNDETECTABLE:
Criminals constantly evolve their tactics to offset cybersecurity attempts to ruin their payday – and a newly discovered method is especially troublesome. Many (most?) individuals access their personal email via a web browser – so it makes sense for this latest attack method to leverage a web browser “trick”. The phishing scheme uses a “browser in a browser” popup window for the victim to enter their authentication information – which seems legitimate, but turns out to be a hacker-generated skimming window instead. Go here for more helpful information.

An image related to a job internship scam.

March 2022

This type of scam has been quite popular recently, so make sure you double-check the sender's email address (which is a gmail - not PayPal), links, typos, and the unprofessional look of the email. RED FLAGS. Do not call the number or reply; report it to security@binghamton.edu and CC: police@binghamton.edu.

A warning about a PayPal phishing email scam with red flags.

February 2022

This scam is quite popular when one of your email contacts gets hacked. Be aware, and always check with the person this seems to be coming from, because this one is truly a hoax. Do not click on any links or attachments.

A warning about an email hoax designed to trick users into clicking on links.

2. This looks quite real, however they immediately ask for SSN digits, and more personal info. which is never required for an employment application process. Don't be duped. What are the other signs you see here? ALWAYS hesitate with these types of emails! Is the email address real? Does it seem too good to be true? YES. Are there typos? Is the company legit...?

A warning about a job scam requesting SSN information.

3. This one is a current scam that is simple, yet tricky. They want you to think they're looking out for your best interest and provide some links for you to click on - do not click on them. If you notice, the email address is gmail, and the name is a man's name, yet it addresses you as "Hello Dear!". Punctuation and spelling mistakes are obvious red flags. Click image to see larger, more complete email scam.

A warning about a link phishing scam with red flags.

January 2022

1. A simple scam that is circulating that's trying to trick you into replying:

DO NOT reply to this fake email, just DELETE it.

A warning about a tutor phishing scam.

2. A simple scam that is circulating that's trying to get you interested in replying:

DO NOT reply to this fake email, just DELETE it.

A warning about a simple phishing scam that should be deleted.

December 2021

1. Recent employment scam that is circulating:

DO NOT reply to this fake campus email, as they could ask you for your personal information. 

Please note: the sender’s email address and subject can change, same content yet different email, usually a strange gmail address. This is NOT actually from any campus group, and is very unprofessional, as you can see from the generic email address, no message, only the "hello.pdf" attachment to entice you to click on it.

A warning about an employment scam with attachments.

2. Recent employment scam that is circulating:

DO NOT reply to the email, as they could ask you for your personal information. NEVER click on any attachments unless you are sure it's a legitimate email.

Please note: the sender’s email address and subject can change, same content yet different email, usually a strange gmail address. This is NOT actually from any campus group, and is very unprofessional, as you can see from the generic email address, no message, only the "hello.pdf" attachment to entice you to click on it.

A warning about another employment scam with attachments.

3. Recent employment scam that is circulating:

DO NOT reply to the email, as they could ask you for your personal information. As you can see the time and pay for this job is unrealistic.

Please note: the sender’s email address and subject can change yet still have the same content just a different email, usually a strange gmail address. This is NOT actually from any campus group, as you can see from the generic email address.

A warning about an employment scam with an unrealistic job offer.

4. Recent employment scam that is circulating:

DO NOT reply to the email, as they could ask you for your personal information. 

Please note: the sender’s email address and email subject can change, same content, different email, usually a strange gmail address. This is NOT actually from any campus group, as you can see from the generic email address.

A warning about an employment scam with a changing sender.

5. More Sophisticated McAfee EMAIL SCAM

This is a very realistic-looking one that will catch your attention because you did not order this feature, so they try to lure you into clicking links in the body of the email. Notice the GMAIL email address for the sender.

A warning about an advanced McAfee email scam.

November 2021

1. RECENT McAfee EMAIL SCAM:
Note the gmail address and time the email was sent.

Harries <harrietsmithasde@gmail.com>
4:31 AM

Greetings,

Thank you for your ongoing participation and commitment to the programs and mandate of membership 2021-2022.

This email is friendly reminder that a fee of $299.00 is debited from your account and the renewal of your subscription has been done with McAfee.

We appreciate you and your ongoing membership with us and if want more information or want to cancel the renewal, please reach our customer care department.
Membership Details:
Invoice  # MC-080-2E8
Plan Name: ProtectionPlan-McAfee
Signup Date: 23 Nov 2021
Fee: $299.00

Thanks.
Billing Department
1-478-607-2799

2. Please be aware of the following research assistant job scams, with many being repetitive and similar, that have been going around.

NOTE: The scammers typically include the names of real Binghamton University professors in their fake emails (mainly gmail, and obviously not BMAIL) to trigger your interest. ALSO, all Binghamton related job opp's. are posted via HANDSHAKE.

These “offers” are NOT legitimately from Binghamton University professors, and you should ALWAYS check the sender before doing anything.

A warning about research assistant job scams.

3. Recent impersonation scam to be aware of and avoid:

This is a tricky one, as it looks like the President of the University is trying to share a file with you. However, the President or anyone at the university will never send a message like this to anyone. DO NOT click on the link or open the file, as it could release malware onto your device or ask you for personal information. Moreover, note that the scammer is using an external gmail address.

A warning about a file share scam with red flags.

4. Recent job hoax to be aware of and avoid September 2021:

Please be aware of External Emails requesting you to text someone for more information.  The scammer is trying to harvest more phone numbers to scam. Please note: the sender’s email address and email subject can change. This is NOT actually from any campus group, as you can see from the generic email address.

A warning about a job hoax with a changing sender.

August 2021

1. Recent impersonation scam to be aware of and avoid:

This is a tricky one, as it looks like it’s legitimately from the Campus IT Services. However, the ITS will never send a message like this to anyone. DO NOT click on the link, as it could release malware onto your device or ask you for personal information.

A warning about an impersonation scam with IT Services.

2. Recent employment scam that is circulating:

DO NOT reply to the email, as they could ask you for your personal information.

Please note: the sender’s email address is Gmail and not the corresponding organization's email. Even though the content sounds professional to an extent, the scammer is trying to extract your personal information. The scammer is trying to harvest more information to scam.

A warning about an external employment scam.

3. Recent employment scam that is circulating:

DO NOT reply to the email, as they could ask you for your personal information. NEVER click on any attachments unless you are sure it's a legitimate email.

Please note: the sender’s email address and email subject can change, same content, different email, usually a strange gmail address. This is NOT actually from any campus group, as you can see from the generic email address.

A warning about an employment scam with changing subjects.

4. Recent employment scam that is circulating:

DO NOT reply to the email, as they could ask you for your personal information. Please note: the sender’s email address and email subject can change. This is NOT actually from any campus group, as you can see from the generic email address.

A warning about a job scam with red flags.

A warning about a job scam with red flags.

5. Recent job hoax to be aware of and avoid:

Please be aware of External Emails requesting you to text someone for more information.  The scammer is trying to harvest more phone numbers to scam.

A warning about a job scam with red flags.

June 2021

Recent employment scam that is circulating:

DO NOT reply to the email, as they could ask you for your personal information. Please note: the sender’s email address and email subject can change. This is NOT actually from any campus group, as you can see from the generic email address.

A warning about a scam in June 2021.

May 2021

1. Recent research assistant scam to be aware of and avoid:

Note: the scammers typically include the names of real Binghamton University professors in their fake emails to trigger your interest. These “offers” are NOT legitimately from Binghamton University professors, and you should ALWAYS check the sender before doing anything. Binghamton University never sends out these types of emails, as all job openings are posted via Handshake.

A warning about a research assistant scam.

2. Recent impersonation scam to be aware of and avoid:

This is a tricky one, as it looks like it’s legitimately from the Help Desk. However, the Help Desk will never send a message like this to anyone. And, if you look closely, you’ll notice that the email refers to Binghamton University as “binghamton.edu Corporation.” This is incorrect and a tell-tale sign that this is a scam impersonating the Help Desk. "Not receiving all your MAILS" ... notice the typo, a sure way to spot a fake.

A warning about an impersonation scam.

April 2021

1. Recent student employment scam to be aware of and avoid:

DO NOT reply to the email, as they could ask you for your personal information.

Note: the sender’s email address is Gmail and not Bmail. This is NOT actually from any campus group, as you see the email address is generic, the content sounds unprofessional and there are typos.

A warning about a student employment scam.

2. Recent copyright infringement scam to be aware of and avoid:

DO NOT click on the link, as it could release malware onto your device.

Please note: the sender’s email address and email subject are off (see below for a similar scam from March). This is NOT actually from any campus group (notice the sender's email address is dot com, not dot edu). Also, notice the typos and the Google site link.

A warning about a copyright infringement scam.

3. Employee portal scam to be aware of and avoid:

Be aware of this scam. DO NOT CLICK on the link or input any personal information. This scam has been reported by faculty and students.

A warning about an employee portal scam.

March 2021

1. Research assistant scam to be aware of and avoid:

Please be aware of the following research assistant scam. The scammer seems to resend the same email while the professor’s name and “from” email address fluctuate. And, as you see, the sender's email address is Gmail, not Bmail. There is also a phone number outside of our area code. These are alerts that should help you realize it is a scam.

This job offer is NOT legitimate; the scammers are impersonating real Binghamton University professors. If you receive an email like this, please report it to security@binghamton.edu. 

A warning about a research assistant scam.

2. This is illegitimate and not actually from the Internal Revenue Service (IRS). The IRS would never send an email like this for a refund.

A warning about a tax return scam.

January 2021

Recent COVID and CELL PHONE related scams to be aware of and avoid:

NEW cellphone number request scam: The scammers try to harvest cell phone numbers from individuals. Then they use those numbers to text additional scams, including the infamous gift card request scam. Unfortunately, there is not much to do, but to be aware of this, and to avoid scams such as this one.

Another popular COVID-19 related scam has been circulating to request users to fill out a Google Form. Remember, Binghamton University will never request Binghamton users to provide personal info. online such as social security numbers, user credentials, etc.

A warning about a cell phone scam.

A warning about a COVID-19-related fake form.

A warning about phishing websites targeting SUNY users.

Notification of Phishing Website Targeting SUNY Users

Recently a phishing attack occurred at SUNY Canton with this link mimicking their Blackboard system: https://cantonschool.000webhostapp.com/

If you get any kind of communication with the following link mimicking our myCourses: https://binghamton.000webhostapp.com/, DO NOT CLICK, please report it to: security@binghamton.edu and https://www.000webhost.com/report-abuse.

October 2020

Job hoax to be aware of and avoid:

Please be aware of External Emails requesting you to text someone for more information.  The scammer is trying to harvest more phone numbers to scam.

A warning about a job hoax.

September 2020

1. Job scam to be aware of and avoid:

Please be aware that while Athena Consulting (not Athen Consultants) is a legitimate organization, the below email is a phishing scam. Athenconsultants.com (in the sender's email address) is not a real company. 

A warning about a fake job from Athena Consulting.

2. Employment scam to be aware of and avoid:

Please be aware of the following job scam. Remember: unsolicited job offers are rarely legitimate. Legitimate offers will come from organizational emails like Handshake and Bmail (@binghamton.edu).

A warning about a student position scam.

August 2020

Beware: Resurgence of “Impersonation” Email Gift Card Scam

Binghamton University is seeing a resurgence of “impersonation” email scams, targeting professors and administrative assistants. These messages appear to come from managers or deans, and ask the targeted user to purchase gift cards for them (i.e. iTunes, Amazon, GooglePlay, etc.). Once the attackers receive images of the purchased cards they cease communication.

Security Measures: For any communication requesting personal information or financial transactions, verify the legitimacy of the sender in as many ways as possible. And let's be realistic! How many people do you know, family or friends, who would ask you via email to purchase gift cards for them? Many of the messages we have seen use email addresses such as user.binghamton.edu@gmail.com. At first glance this can look like a real Bmail address, but it’s actually a standard generic Gmail address.

If you receive a message that seems out of the ordinary, consider this: Would this person normally ask for this type of information/favor? Is this the actual email address of the sender? Instead of replying to the sent message, create a new email to the user’s actual BMail address to inquire about the request.

Note: Forward any suspicious messages to security@binghamton.edu as soon as possible.
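The sender check described above ("Is this the actual email address of the sender?") can be automated when triaging reported messages. The following Python sketch is an added example, not a Binghamton University tool; the function names and category labels are assumptions made for illustration. It flags addresses and link hosts that only contain the campus domain, like the user.binghamton.edu@gmail.com and binghamton.000webhostapp.com patterns shown on this page.

```python
from email.utils import parseaddr
from urllib.parse import urlsplit

ORG_DOMAIN = "binghamton.edu"            # real campus domain named on this page
ORG_LABEL = ORG_DOMAIN.split(".")[0]     # "binghamton"


def is_org_host(host):
    """True only for the campus domain itself or a true subdomain of it."""
    host = host.lower().rstrip(".")
    # The leading dot matters: "notbinghamton.edu" must not match.
    return host == ORG_DOMAIN or host.endswith("." + ORG_DOMAIN)


def classify_sender(from_header):
    """Classify a From: header by where the address really lives.

    Hypothetical labels: "org", "lookalike-local-part",
    "lookalike-domain", "external", "unparseable".
    """
    _display, addr = parseaddr(from_header)
    local, sep, domain = addr.rpartition("@")
    if not sep or not local or not domain:
        return "unparseable"
    domain = domain.lower()
    if is_org_host(domain):
        # A campus domain here does not prove authenticity: From can be
        # forged and, as this page notes, real accounts get compromised.
        return "org"
    if ORG_DOMAIN in local.lower():
        # Campus domain placed before the "@", e.g. user.binghamton.edu@gmail.com
        return "lookalike-local-part"
    if ORG_LABEL in domain:
        return "lookalike-domain"
    return "external"


def classify_link(url):
    """Classify a link by its hostname, not by how the URL reads at a glance."""
    host = (urlsplit(url).hostname or "").lower()
    if not host:
        return "unparseable"
    if is_org_host(host):
        return "org"
    if ORG_LABEL in host:
        # Campus name used as a label under someone else's domain.
        return "lookalike-host"
    return "external"


if __name__ == "__main__":
    # Sample inputs: addresses and URLs quoted on this page, plus one
    # constructed host (binghamton.edu.example.net) to show suffix handling.
    for sender in ("Dean <user.binghamton.edu@gmail.com>",
                   "Harries <harrietsmithasde@gmail.com>",
                   "security@binghamton.edu"):
        print(f"{classify_sender(sender):22} {sender}")
    for link in ("https://binghamton.000webhostapp.com/",
                 "https://binghamton.edu.example.net/login",
                 "https://www.binghamton.edu/police/anonymous-tips.html"):
        print(f"{classify_link(link):22} {link}")
```

A result of "org" only means the address or host sits under binghamton.edu; messages sent from compromised campus accounts still need the other checks listed on this page.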