Phishing Examples

Phishing attempts are emails (or phone calls) which appear to be legitimate and seek to steal your credentials.

These are active phishing attempts on Georgetown University email.

 1) If you clicked on a link in a fraudulent email, go to another computer and change your password. You can also contact us at security@georgetown.edu

   2) Listen to important information regarding phishing.

 

Featured Recent Phishing

August 27, 2015

From: Microsoft account team <southbank.vic@raywhite.com> 
Date: Wed, Aug 26, 2015 at 4:08 AM 
Subject: lmportant unusual activity 
To: 
Microsoft account Help us keep your account secure If you've been sent this 
email from Microsoft, it means that access to your EMail Account will be 
disabled if you don't secure your account . In most cases, accounts are 
disabled if we believe you have violated either the EMail Terms of Service 
or product-specific policies. Click the button below to help us keep your 
account secured. Secure account here .

http://outlook.office3654.com.edmartsystems.com/portfolio.htm?q=https%3A% 2F%2Faccount.live.com%2Far%2Frecover%3Fmkt%3DEN-US%26recovertoken%3DCk 

http://login.microsoft0nline.com.albertsafarilodge.com/portfolio.htm?q=https%3 A%2F%2Faccount.live.com%2Far%2Frecover%3Fmkt%3DEN-US%26recovertoken%3DCk
Thanks, The Micros0ft acc0unt team 

______________________________________________________________________________________________________________

July 16, 2015

From:  <someone@umd.edu>

Subject: IT HELP DESK

Dear User

Due to recent upgrades on our servers Your 5 (Five) incoming Emails are on hold. Please validate below to retrieve your email

click RESET to retrieve your email.

We are sorry for the inconvenient.

With best regards

IT HELP DESK

______________________________________________________________________________

May 9, 2015

--------- Forwarded message ----------
From: Cynthia Bird <cmb319@georgetown.edu>
Date: Thu, May 9, 2015
Subject: Doc
To: 

Please Check doc here  to see the revised document.

April 27, 2015

April 13,2015

Dear GEORGETOWN.EDU User,

This is a courtesy notice your GEORGETOWN team director, and that is to inform you that your email account has exceeded his mail quota on the database server. Your email account will be blocked to send and receive e-mail if your email account is not verified within 24-48 hours.

We advise you to click on the following link below and also follow the instructions to verify your account: http://emailupgradeadmin.wix.com/georgetown-uni

Thank you,
Site Maintained by Division of GEORGETOWN service

April 2, 2015

Phishing Attempt

Caption: 

Source: 

April 1, 2015

-------- Forwarded Message --------

Subject: Georgetown Update
Date: Thu, 2 Apr 2015 05:31:24 +0800
From: Admin 
To: undisclosed-recipients:;

​Due to the recent upgrade in our SSL server to serve you better, Please note that all users are mandated to update their login details in other to enjoy the new upgrade. You would be blocked from sending and receiving emails if not updated.

UPDATE

System Administrator
© 2015 Georgetown University. All rights reserved

________________________________________________________________________________

March 30, 2015

---------- Forwarded message ----------
From: Admin <someone@ashland.edu>
Date: Mon, Mar 30, 2015 at 3:29 AM
Subject: Help Desk
To: 
-- 

Dear Webmail User,

This is an automatic message by system to let you know that you have to confirm your account information. and this means that you will not be able to send and receive new email messages. This is because of the on-going yearlyGEORGETOWN.EDU web maintenance and deleting of inactive account.

CLICK HERE NOW TO RE-VALIDATE YOUR GEORGETOWN.EDU MAIL BOX

Security Alert Office.

Thanks for your anticipated co-operation,
Upgrade Team.

______________________________________________________________________________

March 26, 2015

The package could not be delivered by our company's courrier.
REASON: Wrong postal code
PARCEL # : USPS36885677
SHIPMENT TYPE : OVERNIGHT

To reschedule a delivery, visit your post office with a printed copy of the shipping label.
The label has been attached to this notification, in .doc format.

For additional information about our services, you can visit our official website https://www.usps.com/

Thank you for using our services.
USPS Global.

_____________________________________________________________________________

March 11, 2015

From: Geert Van cleemput <16bpatterson@wpsstudents.org>
Date: Wed, Mar 11, 2015 at 5:33 AM
Subject: Good Morning.. Travel Problem

How are you,
Sorry for any inconvenience, I'm in a terrible situation. Am stranded here in Istanbul, Turkey since last night. I was beaten and robbed on my way to the hotel I stayed and my luggage is still in custody of the hotel management pending when I make payment on outstanding bills I owe. Am waiting for my assistant to send me money to get back home but he hasn't responded. Please let me know if you can help and I will refund the money back to you as soon as I get back home. My return flight will be leaving soon, please let me know if I can count on you.
Thanks
Geert 

____________________________________________________________________________

March 5, 2015 (not the incorrect name of the GU UIS and the email is not on GU's UIS email verification page.

G Apps Update

To finish setting up the improved spam filter on your GU email, we just need to make sure this email address is yours. To continue, click the button below

Continue

Do not ignore this request.
Thanks,
The GU Support Team

___________________________________________________________________________

March 4, 2015 (not the incorrect name of the GU UIS and the email is not on GU's UIS email verification page.

Take note of this important update that our new web mail has been improved with a new messaging system from Owa/outlook which also include faster usage on email, shared calendar,web-documents and the new 2015 anti-spam version. Please use the link below to complete your update for our new Owa/outlook improved web mail.

 CLICK HERE TO UPDATE

Regards,
IT Service Desk Support​

__________________________________________________________________________

February 15

This is to inform you that your Georgetown University Webmail limit of 30GB as set by your administrator help desk is currently running out on 29.5GB, you may not be able to send or receive new mails until you upgrade your mailbox. To upgrade your mailbox please CLICK HERE

Sincerely,
System Administrator
© 2015 Microsoft Corporation. All rights reserved

__________________________________________________________________________

(SOME HAVE SEEN THIS EMAIL AT GU FROM AMERICAN EXPRESS ALSO)

Dear Customer,

We have recently detected that a different computer user has attempted gaining access to your online account, and multiple passwords were attempted with your user ID.

Hence, your account requires a complete profile update and it is now necessary to re-confirm your account information to us.

If this process is not completed within 24-48 hours, we will be forced to suspend your account online access as it may have been used for fraudulent purposes.

Please update your profile immediately by downloading the attached file.

Bank of America, N.A. Member FDIC. Equal Housing Lender

© 2015 Bank of America Corporation. All rights reserved.

(SOME HAVE SEEN THIS EMAIL AT GU FROM AMERICAN EXPRESS ALSO)

 

------------------------------------------------------------------------------------------------

Dear,

An important course form has been posted to you through the Blackboard Learning System.

Please sign in immediately to view the form.

Click here to sign in <http://alexandraz.co.za/posr/signin.blackboard.edu .htm>

 Thank you,

 Blackboard Learn

_________________

--------- Forwarded message ----------

From: Email Prefix <no-reply@emailprefix.com>
Date: Mon, Dec 15, 2014 at 4:32 AM
Subject: Your email address
To: 

Your email address has been added to our website www.emailprefix.com by third party or through internet crawling. If you do not want your email to be published on our website, you may go to our website to delete your email address.

This is a one-time-communication. We will not send anything else to you in the future, nor we will use your email for any other purpose. If you have any question, please contact us at http://www.emailprefix.com/contact.php.

Regards,
www.emailprefix.com

__________________________________

From:<@nus.edu.sg>

Date: December 8, 2014 at 4:44:42 PM EST
To: undisclosed-recipients:;
Subject: Mailbox Maintenance Schedule
This notification message is from your Admin Server Portal. We currently undergoing a regular mailbox maintenance, due to recent congestion in our Server. We want to update all email account scheduled for today. If your Mailbox is not updated today, Your account will be inactive and cannot send or receive emails. Kindly CLICK HERE to get your mailbox account updated.

Thank you!
Admin Server

From: Admin <krupnicj@georgetown.edu>
Date: Wed, Nov 5, 2014 at 5:19 PM
Subject: Georgetown Upgrade
To: 

This is to inform you that your Georgetown storage limit of 30GB as set by your administrator is currently running on 29.5GB, you may not be able to send and receive new mails until you upgrade your mailbox. To upgrade your mailbox please CLICK HERE 

Sincerely,
System Administrator
© 2014 Microsoft Corporation. All rights reserved.

Georgetown UISO Analysis:

-No Georgetown Brand
-Message brief, Georgetown uses other and multiple messages to identity outages and upgrades
-There is no Microsoft Corporation storage. 

This is an active phishing attempt on Georgetown University email - Please be cautious and change your password if you entered your credentials - as soon as possible.

Phishing Alert

Caption: 

Source: 

Georgetown UISO Analysis:

-Not sent from someone at Georgetown! -Generic 'Dear User.' is a tip off they don't know your name
-Message brief, Georgetown uses other and multiple messages to identity outages
-There is no GU Tech Service, would have been sent by UIS / Office of the CIO
-Moving the cursor over the email link shows a URL that is not with Georgetown or MyAccess.

Other Recent Phishing

Subject: System Update

We temporarily locked your Georgetown University-mail account from sending messages, Our system has detected unusual virus in your Junk and Trash Folder, We advice you to empty your trash folder and Update your email account for Security maintenance and protection of your email from virus attacks. We recommend that you update your account to avoid termination.

UPDATE CLICK HERE

Thanks,
The System Administrator Management Team.
Copyright©Georgetown.edu Admin Webmail Inc

Subject: Your Webmail account Certificate expired on the 01-08-2015
To:

Your Webmail account Certificate expired on the 01-08-2015, This may
interrupt your email delivery configuration, and account POP settings,
page error when sending message.

To Upgrade and re-new your Georgetown webmail Certificate, Please take
a second to update
your records by link below or copy and paste link

http://webmail-adminhelpgeorgetown.jimdo.com/

account will work as normal after the verification process, and your
Georgetown webmail Certificate will be re-newed.

Sincerely,
University of Georgetown Webmail Admin

SUBJECT: Dear Mailbox User.

--------- Forwarded message ----------

From: Email Prefix <no-reply@emailprefix.com>
Date: Mon, Dec 15, 2014 at 4:32 AM
Subject: Your email address
To: 

Your email address has been added to our website www.emailprefix.com by third party or through internet crawling. If you do not want your email to be published on our website, you may go to our website to delete your email address.

This is a one-time-communication. We will not send anything else to you in the future, nor we will use your email for any other purpose. If you have any question, please contact us at http://www.emailprefix.com/contact.php.

Regards,
www.emailprefix.com

__________________________________

From:<@nus.edu.sg>

Date: December 8, 2014 at 4:44:42 PM EST
To: undisclosed-recipients:;
Subject: Mailbox Maintenance Schedule
This notification message is from your Admin Server Portal. We currently undergoing a regular mailbox maintenance, due to recent congestion in our Server. We want to update all email account scheduled for today. If your Mailbox is not updated today, Your account will be inactive and cannot send or receive emails. Kindly CLICK HERE to get your mailbox account updated.

Thank you!
Admin Server

From: Admin <krupnicj@georgetown.edu>
Date: Wed, Nov 5, 2014 at 5:19 PM
Subject: Georgetown Upgrade
To: 

This is to inform you that your Georgetown storage limit of 30GB as set by your administrator is currently running on 29.5GB, you may not be able to send and receive new mails until you upgrade your mailbox. To upgrade your mailbox please CLICK HERE 

Sincerely,
System Administrator
© 2014 Microsoft Corporation. All rights reserved.

From: <JKitololo@pomona.edu>

Date: Wednesday, October 8, 2014
Subject: RE: Dear Mailbox User.
To: Johnes G Kitololo <Johnes.Kitololo@pomona.edu>

Dear Mailbox User.

Participate  in our 24hrs 4GB quota size upgraded exercise by confirming  your webemail account

in  order to  upgrade your webmail quota size. Your webmail account won't be listed  for upgrade,
unless your email detail is confirmed. Click here on  Confirm  Webmail Account     to confirm your webmail
account so it will be delivered  by our server for the 4GB quota size upgrade. 
 
Note: failure to confirm your account with this notification, will result to you finding it difficult to
gain access to your webmail account after this upgrade.
 
Protecting your webmail account is our primary concern.
 
Copyright ©2014 ITS Help Desk​....

 

Georgetown UISO Analysis:

-Not sent directly to you as the recipient, but as a blind carbon copy (BCC)
-Generic 'Dear Mailbox User.' is a tip off they don't know your name
-It doesn't actually confirm which system or mail service!
-Contains a copyright for ITS, what's that?  
-Mixed message, participate in upgrade and failure to access if you don't.
-Moving the cursor over the email link shows a URL that is not with Microsoft or outlook.

 

Email Appears to come from GU Department or Leader

SUBJECT: PHISHING PHONE CALLS

UISO warns the GU community about recent phone calls from callers reportedly from printer companies. They request IP addresses from printers or other information about printers. It is important to inquire with the caller about details such as a call back number. Please do not give out IP or printer information over the phone.

SUBJECT: YOUR SALARY RAISE CONFIRMATION

(GU Logo)

Hello,

As part of GU standard practice to offer salary increases once a year after an annual review, the Human Resources reviewed you for a salary raise on your next paycheck.

Click below to confirm and access your salary revision documents:

Click Here to access the documents

Sincerely,

Human Resources

Georgetown University

This is an automatic message sent by our security system to let you know that you have 48 hours to confirm your account information. Once you have updated your account records, your account will be automatically upgraded.

SUBJECT: GOOGLE DOCUMENT ATTACHED: login to verify (notice date)

From: Tess Trotter <tat34@georgetown.edu>
Date: Tue, Aug 26, 2014 at 2:19 PM
Subject: I send u important document for ur verification 26/08/2014
To: 
Kindly verify the documents I uploaded for you through verified upload below.
Your email log in would be required to view for approval

[Spreadsheet] You have a pending incoming download docs shared with you via Google docs

Click to open: Secure Message 

Google Docs makes it easy to create, store and share online documents, spreadsheets and presentations.
[Logo for Google Docs]

regards

 

SUBJECT: FACULTY/STAFF/STUDENT WEBMAIL UPDATE

IMPORTANT NOTICE FOR FACULTY/STAFF/STUDENT.
WE CURRENTLY UPDATED OUR EMAIL DATABASE. HELP DESK REQUIRES ALL EMAIL USER OF OUR WEBMAIL DATABASE TO UPDATE THEIR WEBMAIL ACCOUNT OR SENDING AND RECEIVING EMAILS WILL BE DIFFICULT. FOR FULL ACCESS OF YOUR WEBMAIL ACCOUNT, FOLLOW THE REFERENCE LINK BELLOW TO UPDATE YOUR WEBMAIL ACCOUNT.
FACULTY/STAFF/STUDENT WEBMAIL UPDATE<HTTP://WEBMAILACCOUNTUPDATELINK.JIMDO.COM/>
YOU ARE ADVICE TO RESPOND TO THIS EMAIL BEFORE 24 HOURS. THIS HAS BECOME NECESSARY TO SERVE YOU BETTER, AS PROTECTING YOUR WEBMAIL ACCOUNT IS OUR MAJOR CONCERN.

COPYRIGHT 2013 HELP DESK MANAGEMENT TEAM.

SUBJECT: ACCOUNT INFORMATION

This is an automatic message sent by our security system to let you know that you have 48 hours to confirm your account information.
Once you have updated your account records, your account will be automatically upgraded.
This will help protect your account in the future. This process does not take more than 3 minutes.

To proceed to confirm your account details please CLICK HERE
We apologize for any inconvenience caused.

Your sincerely,
WEB MAIL Security Department
ICTS Help Desk © 2014

SUBJECT: BLACKBOARD ARTICLE PUBLISHED

From: <Blackboard@onid.orst.edu>

Date: Fri, Apr 25, 2014 at 3:54 PM

Subject: School Article Published

Hello!
An important school article has been published with your contact details.
Click here to view this article and confirm your contact details
Thank you for using our services.
Blackboard Articles.

SUBJECT: ACCOUNT COMPROMISE NOTIFICATION: (FAKE ADMIN CENTER SUPPORT & FAKE URL)

From: GEORGETOWN-ADMIN <XXXXXX@gwmail.gwu.edu>

Subject Notification

Email Account User,

It has been brought to our attention that your email account has been accessed and used by a third party to send spam emails. As a result, we have disabled the ability of the affected address to send email.In order
to restore this functionality,click georgetownhelpdeskadmin.webs.com

We apologize for any inconvenience.
"Admin Center Support Team"
Copyright © web Admin 2014 All Rights Reserved.

SUBJECT: OVERDUE LIBRARY BOOK (NOTICE MISSPELLINGS IN THE URL ADDRESS)

Dear Student,

Our library records indicate that the book(s) on the attached list are still overdue. We are unable to process any further loans until the overdue books are properly accounted for. If the outstanding transactions are not made by Saturday, May 10, a charge to your account will be made. To help us update our records, click here to view the library book(s) that are past due.

Thank you.

Georgetown Library Staff

SUBJECT: EMAIL WITH HELD DUE TO DATABASE UPGRADE (NOTICE SIGNATORY)

Dear User,

Your two incoming mails were placed on pending status due to the recent upgrade in our database in order to receive the messages kindly

Click Here: http://owaexchagne.comeze.com/

Login with your correct Webmail information and wait for response from our data base service.

We apologize for any inconvenience and do appreciate your understanding.

Thanks,

Copyright © 2014 Web Admin

SUBJECT: MY ACCESS (GU SYSTEM) (NOTE THE ADDRESS)

MyAccess Phishing 4/10

SUBJECT: UPGRADE

Dear User,

Due to a recent update in the georgetown.edu database. All users are hereby adviced to update their account information to avoid service interruption. To update your account click on the link below.

Georgetown Database

Regards

Goerge Town Tech Service

SUBJECT: FACULTY/STAFF/STUDENT WEBMAIL UPDATE (ALL CAPITAL LETTERS, REALLY? AND NOTICE GRAMMER)

IMPORTANT NOTICE FOR FACULTY/STAFF/STUDENT.
WE CURRENTLY UPDATED OUR EMAIL DATABASE. HELP DESK REQUIRES ALL EMAIL USER OF OUR WEBMAIL DATABASE TO UPDATE THEIR WEBMAIL ACCOUNT OR SENDING AND RECEIVING EMAILS WILL BE DIFFICULT. FOR FULL ACCESS OF YOUR WEBMAIL ACCOUNT, FOLLOW THE REFERENCE LINK BELLOW TO UPDATE YOUR WEBMAIL ACCOUNT.
FACULTY/STAFF/STUDENT WEBMAIL UPDATE<HTTP://WEBMAILACCOUNTUPDATELINK.JIMDO.COM/>
YOU ARE ADVICE TO RESPOND TO THIS EMAIL BEFORE 24 HOURS. THIS HAS BECOME NECESSARY TO SERVE YOU BETTER, AS PROTECTING YOUR WEBMAIL ACCOUNT IS OUR MAJOR CONCERN.
COPYRIGHT 2013 HELP DESK MANAGEMENT TEAM.

SUBJECT: EMAIL ACCOUNT MAINTENANCE

April 9, 2014
Dear User

To re-validate your mail account please click on the below link and enter your user id and password for maintenance and Virus Scanning, Very Important.

Click Here

Your Mail account will be permanently terminated in a short time for failure to adhere to our urgent notice.

Thank you for your cooperation.
HOWARD Management Support
© 2014 Webmail OUTLOOK admin All Rights Reserved.

SUBJECT: FACULTY & STAFF ACCOUNT WARNING

Dear User,

your Account was login from an unusual location. We prevented the sign-in attempt in case this was an unauthorized access into your account. Please review the login attempt details below:
Friday, 6th December, 2013.
Central Daylight Time (CDT) -0500
UTC Server Address: 72.234.198.59
Location: Dehi indian
We urge you to immediately follow this secure link below to enable us verify your account.
Account verification
Sincerely,
IT Services

SUBJECT: EMAIL UPGRADE

Sent April 8, 2014
This Message is From the Admin Help Desk. Due to our latest IP Security upgrades we have reason to believe that your E-mail account was accessed by a third party.

Protecting the security of your E-mail account is our primary concern; we have limited access to sensitive E-mail account features.

To resolve this issue you have to Re-validate your e-mail account. Failure to Re-validate your E-mail account as soon as you see this message will cause the deactivation of your E-mail account be warned.

Help Desk requires you to validated your email account by clicking HERE

Thank you for your cooperation.

Admin Help Desk 2014 ©

SUBJECT: FACULY & STAFF NOTIFICATION!!! (NOTE THE MISSPELLING OF FACULTY)

Sent: 31 March 2014 22:27

Subject: FACULY & STAFF NOTIFICATION!!!

Your Mailbox is almost full
465MB 500MB current size Maximu
Your inbox has almost exceeded its storage limit. It will not be able to send and receive e-mails if exceeded it limit and your e-mail account will be suspended from our server. To avoid this problem, you need to Re-validate you mail box quota

Revalidate Now

If we do not receive any reply from you within 24 hours your mailbox will be suspended.

Thank you.
Help Desk Administrator

SUBJECT: VERIFY YOUR EMAIL ADDRESS (UIS DOESN'T SEND MESSAGES SUCH AS THIS)

From: "Helpdesk@georgetown.edu"
To: undisclosed-recipients:;
Subject: Do not ignore this request

Google app account
Verify your email address
To finish setting up the improved spam filter on your Gmail app account, we just need to make sure this email address is yours.
Verify your account
Do not ignore this request.
Thanks,
The Google app account team

SUBJECT: EMAIL CONGESTION

Dear Subscriber,
Due to congestion on our webmail servers, all unused and unconfirmed accounts will be shut down. It is mandatory you confirm ownership of your webmail account by clicking Click Here and following the instructions by completing the form or your account will be suspended.We sincerely apologize for any inconveniences caused.
Customer Dept.
Copyright ©2013, All Rights Reserved

SUBJECT: NEW ACADEMIC SEASON: UPGRADE REQUIRED FOR EMAIL USE

DEAR FACULTY STAFF & EMPLOYEE EMAIL SUBSCRIBERS

Welcome to 2014 Academic Season

Your Email Account have been put on-hold by our server,you will not be able to send or receive emails in the next 24 hours,to avoid this kindly click on the link UPGRADE itscurrenty upgrade routine.jimdo.com/> to submit your old account for New to enable you to send and receive emails

Thank You,

ITS Service Provider Team.

SUBJECT: DOWNLOAD GOOGLE DOCUMENTS REQUEST

Hello,

Please view the document I uploaded for you using Google docs. CLICK HERE. And sign in with your personal email to view the document is very important.

Regards.

Suspicious Warnings - Account Stealing

 

SUBJECT: TRANSFER OF MONEY REQUEST

From: Paul Tagliabua <ceo.usa@outlook.com>
Date: Wed, Jan 14, 2015 at 12:13 PM
Subject: wire
To: 

Hi Mary,
I urgently need you to transfer the sum of $39,500 today, Kindly let me know if you are in so I can send you the beneficiary bank details for the urgent transfer.
Paul Tagliabua

SUBJECT: IRS Important Update

From: IRS.gov <so_ho_char@brown.edu>

Date: Fri, Jul 18, 2014 at 8:59 PM
Subject: Important Update {Action Required}
To: 

Internal Revenue Service.

Update your IRS e-file immediately, To Update -  < Click Here >
USA . gov is the U.S. government's official web portal.
***************************
IRS e-file. Since 1990
This U.S GOVERNMENT SYSTEM IS FOR AUTHORIZED USE ONLY!
Copyright 2014.
***************************

SUBJECT: KILL FOR HIRE - request for money to stop (notice grammar)

Subject: Greetings (Read and Respond)
Date: Fri, 1 Aug 2014 16:53:05 +0000
From: Felix Y

This is the only way i wish to contact you for now, i want you to be very careful about this and keep this secret with you until i make out space for us to see.

You have no need of knowing who i am or where i am from. I know this may sound very surprising to you but it's the situation. I have been paid some ransom in advance to terminate you with some reasons listed to me by my employer. It's someone i believe you call a friend; I have followed you closely for a while now and have seen that you are innocent of the accusations he leveled against you. Do not try to contact the police or try to send a copy of this to them, because if you do, I will know, and i will be pushed to do what I have been paid to do. I took pity on you and besides this is the first time i turn out to be a betrayer in my job. I took pity on you, that is why I have made up my mind to help you if you are willing to help  yourself.

Now listen, I will arrange for us to see face to face, but before that, i need a compensation. I will do all i can to make arrangements for us to see in person; I  repeat, do not arrange for the police and if you play hard to get, it will be extended  to your family. I PROMISE!!!

Warning: Do not contact the police, make sure you stay indoor or somewhere more safe once it is 7:00pm  until this whole thing is sorted out, if  you neglect any of these warnings, you  will have yourself to blame. You do not  have much time, so get back to me asap.

Note: I will advise you keep this to yourself alone, not even a friend or a family member should know about it because it could be one of them.

Will wait to read from you 
FY

SUBJECT: SURVEY FOR A GIFT CARD (DO NOT CLICK ON THE LINK)

Hey,

Take a minute to fill out this survey and enter to win a Starbucks gift card.

https://docs.google.com/a/georgetown.edu/forms/d/1ShXEG1lekbSjUbkE9c_HgaQ2rrBQbM9q1jWai9DcM/viewform
Subject: Fwd: Last Call for Papers_7th IRERS IBIMA International Conference Indexed at Thomson Reuters Scientific (ISI)
April 29 - 30, 2014 (Selangor, Malaysia)

Dear Sir or Madam,

On behalf of the conference committee, I would like to invite you to participate in our 7th International Real Estate Research Symposium (IRERS) which held together with IBIMA International Conference. This joint conference was indexed at Thomson Reuters Scientific (ISI) and will be held on 29 - 30 April, 2014 at the National Institute of Valuation (INSPEN), Selangor, Malaysia.

Attached is a copy of the last Call for Papers. Kindly forward it to any of your interested members.

Please visit the conference website http://www.inspen.gov.my/inspen/v2/?lang=en&page_id=76 for latest information on the conference.

You are most welcome to contact us for any further clarifications through the following emails:

oirers2014@gmail.com

I look forward to your participation.

Kind regards,

Mashitoh Halim
Conference Chair
National Institute of Valuation (INSPEN)
Valuation and Property Services Department (JPPH)
Ministry of Finance Malaysia

SUBJECT: QUICK AND EASY WAY TO EARN MONEY

You can earn more money in your next pay check
You are qualified for a pay rise on your next paycheck, follow the steps below to confirm your details and your congratulatory letter will be automatically delivered to your email<br>http://schwitzbiotech.ru/www dot georgetown.edu/index.php">http://support.goeorgetown.edu/employe<wbr>e-compensation</a></p>

SUBJECT: SOMEONE IN MOLDOVA REQUESTS MONEY

Dear Sirs,

My name is Alexandru Costiuc, I am 51, married. I am a citizen of the Republic of Moldova and I live in Ungheni district. In December 2012, I was diagnosed with Diffuse chronic glomerulonephritis combined version BCR-III (KDOQI) and, according to doctors prescriptions I started a very complicated medical treatment. (I have attached the information on the tests and progress of my condition.)The mentioned treatment prevents my kidneys from more acute condition, but the only way to cure me completely is a kidney transplant.

Current legislation in Moldova permits transplantation between relatives only and we do not have such option. To have donor’s kidney and have transplantation is possible abroad, for instance in Belarus. The cost for this is $ 55, 000 US.

I have wife, son and two granddaughters. We live all together. We work hard but hardly can afford very humble life and medicine for me. There is only one hope is people with kind hearts willing to donate for my transplantation.

That is why I kindly ask to help me with the necessary amount.

God bless you for your kindness, please help me to save my life.

http://caritate.webs.md/eng/creation/pages/index

Respectfully,
Costiuc Alexandru Grigore

Suspicious Invitations - Theft of Money

SUBJECT: PROFESSOR NEEDS MONEY, MONEY STOLEN WHILE IN ANOTHER COUNTRY
From: John Collins <jcviola@aol.com>
Date: Mon, Aug 25, 2014 at 7:29 AM
Subject: help ..............John Collins
To: XXXXXXXx@georgetown.edu

My family and I came down to  Manila, Philippines  for a short vacation. Unfortunately, we were mugged at the park of the hotel where we stayed. All cash, credit cards and mobile phones were stolen from us but luckily we still have our passports with us.

We've been to the Embassy and the Police here but they're not helping issues at all the bad news is our flight will be leaving in less than 8-hrs from now but we're having problems settling the hotel bills and the hotel manager won't let us leave until we settle the bills.

I'll need your financial help with a loan of 2,250 USD. I promise to make the refund once we get back home. Please let me know how you can help and I need you to keep me posted via e-mail.

Professor John Collins Harvey

SUBJECT: ALLEGED ATM DELIVERY

Reconfirm your Address,mobile number and full names for delivery of your ATM card or bank details for a wire transfer
YOUR(1) Full Name……………………………....
YOUR(2) Occupation…………………………...
YOUR(3) Age…………………………………...
(4) Address…………………………………..
YOUR(5) Telephone Number……………………….

Mr T F

SUBJECT: COURT APPEARANCE NOTICE

Hereby we inform that you are obliged to come as a defendant to The Court of Louisiana in February 8, 2014 at 10:00 a.m. for the hearing of your case of illegal software use. If necessary you have a right to obtain a lawyer for your protection.
You are kindly asked to have an identity document with you. Personal appearance is compulsory.

Please find the plaint note with more detailed case information attached to this letter and study it thoroughly.

Court clerk,

SUBJECT: JOB OFFER

Hello Dear Candidate,
Having seen your resume, sent to us by a staffing agency At this time we are ready to offer you a position of F.S. Agent.
If you have internet connection at home and you have knowledge to use internet then you can earn money through home based on-line job.
A home based job gives you freedom of working hours.
We are looking for hard working, responsible and talented candidates to work with our firm.
There is a lot of money to be earned with us. This also can be perfect opportunity for students, who are studying and want to work side by side with their studies.
We provide Personal Supervisor available on-line to assist you, you will always have someone to coordinate and communicate with.
For more detailed information regarding the job offer, please write to us at hrmanageroffice3@gmail.com.
Sincerely,
Abbie Nordwood
Recruitment Adviser
https://mail.google.com/mail/u/0/images/cleardot.gifSUBJECT: *URGENT NOTIFICATION FROM MAIL DESK.*

SUBJECT: EMAIL DEACTIVATION:

THIS MESSAGE IS FROM THE TECHNICAL SUPPORT TEAM.
If you are receiving this message it means that your email-address is due for deactivation;
this was as a result of a continuous error script (code:505) received from this email-address. To resolve this problem you must validate and reset your email quota. In order to reset this email-address, please kindly fill in with valid information by clicking on the link below:
CLICK HERE
Note: Providing a wrong information or ignoring this message will resolve to the deactivation of this Email Address. We apologize for any inconvenience. Your messages and files would not be tempered.

Information and Technology.
THE MAIL TEAM

SUBJECT: YOUR PASSWORD WILL EXPIRE IN 6 DAYS

Dear e-mail owner,
Your password will expire in 6 Days CLICK HERE to validate your e-mail.
Thanks
System Administrator

SUBJECT: EMAIL OVER QUOTA

DEAR ACCOUNT OWNER,

Your mailbox have exceed 3.5 MB set by the administrator, you will not be able to send or receive mail except you re-validates your account by clicking on the below link http://www.zapsurvey.com/Survey.aspx?id=bffa4e71-6d4b-45d6-82a1-9c99eb358b9e and complete the required details to Re-Validate
Thanks
System Administrator.

SUBJECT: RE: IMPORTANT DOCUMENT

HELLO,
PLEASE VIEW THE DOCUMENT I UPLOADED FOR YOU USING GOOGLE DOCS. CLICK HERE. AND SIGN IN WITH YOUR PERSONAL EMAIL TO VIEW THE DOCUMENT IS VERY IMPORTANT.

Regards.

Subject: Incident ID:F9979274722
************************************************************************
This is an automatically generated message. Please DO NOT REPLY. If
you require assistance, please contact the Information Systems Service Desk Center.
************************************************************************
Your Outlook User Preferences have been changed.
Please update your User Preferences from your Preferences tab:
http://users.microsoft_outlook.com_noticeid_72341644.gtx.hobby-site.com/update/index.php?EmailID=cipriana@georgetown.edu&r=2590
Outlook should reflect your updates the same day they are submitted.
Please don’t hesitate to visit our support site if you have any feedback or problems.
Sincerely,
Information Systems Service Desk.
AR33974/DD1160

FAQ

Why do so many suspicious emails arrive in my mailbox? Doesn't GU UIS or Google filter and eliminate them?

GU UIS and/or Google captures quite literally millions of spam/phishing emails every week. Google catches virtually all spam and a fair amount of phishing, and UIS blocks known "bad actors" (fraudulent emails). However, phishing professionals are highly motivated and often change things like IP address ranges to evade detection.

The sheer volume means that even if UIS manages to block 99% of unwanted mail, the percentage that make it through is still quite visible. In addition, phishing attempts often are sent from "legitimate" accounts that have been hijacked, or spoofed to resemble such accounts.

As a university we are inherently open and outward-facing. We therefore do not have an option to "list" or categorize only those 'good actors' we choose to let in.

Finally, the phishing attempts we see today are far more complex and sophisticated. They are more likely to be organized and run by professional criminals with clearly defined targets; high motivation and patience to wait for someone to make a mistake and "click" on their link.

You can also report suspicious emails to:

1) security@georgetown.edu
2) reportphishing@antiphishing.org

The Report Phishing Work Group, a part of Stop.Think.Connect (http://www.stopthinkconnect.org/ resources/related-links), is a consoritum of ISP's, security vendors, financial institutions, and law enforcement agencies that use this address to combat phishing.