Phishing Examples

Phishing attempts are emails (or phone calls) which appear to be legitimate and seek to steal your credentials.

These are active phishing attempts on Georgetown University email.  If you clicked on a link in a fraudulent email, go to another computer and change your password. You can also contact us at security@georgetown.edu.

Featured Recent Phishing

September 28, 2016

Which leads to the following fake page:

September 16, 2016

September 15, 2016

Which leads to the following fake page:

August 27, 2016

 

April 22, 2016

February 18, 2016

February 17, 2016

February 10, 2016

January 26, 2016

January 6, 2016

I've Shared an item with you - IRS Tax Plan 2015/2016 phishing email screenshot

FAQs

Why do so many suspicious emails arrive in my mailbox? Doesn't GU UIS or Google filter and eliminate them?

GU UIS and/or Google captures quite literally millions of spam/phishing emails every week. Google catches virtually all spam and a fair amount of phishing, and UIS blocks known "bad actors" (fraudulent emails). However, phishing professionals are highly motivated and often change things like IP address ranges to evade detection.

The sheer volume means that even if UIS manages to block 99% of unwanted mail, the percentage that make it through is still quite visible. In addition, phishing attempts often are sent from "legitimate" accounts that have been hijacked, or spoofed to resemble such accounts.

As a university we are inherently open and outward-facing. We therefore do not have an option to "list" or categorize only those 'good actors' we choose to let in.

Finally, the phishing attempts we see today are far more complex and sophisticated. They are more likely to be organized and run by professional criminals with clearly defined targets; high motivation and patience to wait for someone to make a mistake and "click" on their link.

You can also report suspicious emails to:

1) phishingalert@georgetown.edu
2) reportphishing@antiphishing.org

The Report Phishing Work Group, a part of Stop.Think.Connect (http://www.stopthinkconnect.org/ resources/related-links), is a consoritum of ISP's, security vendors, financial institutions, and law enforcement agencies that use this address to combat phishing.