Phishing Examples

Phishing attempts are emails (or phone calls) which appear to be legitimate and seek to steal your credentials.

These are active phishing attempts on Georgetown University email.  If you clicked on a link in a fraudulent email, go to another computer and change your password. You can also contact us at security@georgetown.edu.

Featured Recent Phishing

May 3, 2017

phish

April 24, 2017

shared document

April 21, 2017

library phish

April 17, 2017

Tax Phish

April 7, 2017

phish

April 5, 2017

March 22, 2017

March 22, 2017

March 15, 2017

Feburary 14, 2017

Which leads to:

January 3, 2017

December 22, 2016

Which takes you to:

December 7, 2016

December 6, 2016

November 23, 2016

November 16, 2016

November 2, 2016

November 1, 2016

October 31, 2016

Phishy

Which leads to,

October 11, 2016

 

October 3, 2016

September 28, 2016

Which leads to the following fake page:

September 16, 2016

September 15, 2016

Which leads to the following fake page:

August 27, 2016

 

April 22, 2016

February 18, 2016

February 17, 2016

February 10, 2016

January 26, 2016

January 6, 2016

I've Shared an item with you - IRS Tax Plan 2015/2016 phishing email screenshot

FAQs

Why do so many suspicious emails arrive in my mailbox? Doesn't GU UIS or Google filter and eliminate them?

GU UIS and/or Google captures quite literally millions of spam/phishing emails every week. Google catches virtually all spam and a fair amount of phishing, and UIS blocks known "bad actors" (fraudulent emails). However, phishing professionals are highly motivated and often change things like IP address ranges to evade detection.

The sheer volume means that even if UIS manages to block 99% of unwanted mail, the percentage that make it through is still quite visible. In addition, phishing attempts often are sent from "legitimate" accounts that have been hijacked, or spoofed to resemble such accounts.

As a university we are inherently open and outward-facing. We therefore do not have an option to "list" or categorize only those 'good actors' we choose to let in.

Finally, the phishing attempts we see today are far more complex and sophisticated. They are more likely to be organized and run by professional criminals with clearly defined targets; high motivation and patience to wait for someone to make a mistake and "click" on their link.

You can also report suspicious emails to:

1) phishingalert@georgetown.edu
2) reportphishing@antiphishing.org

The Report Phishing Work Group, a part of Stop.Think.Connect (http://www.stopthinkconnect.org/ resources/related-links), is a consoritum of ISP's, security vendors, financial institutions, and law enforcement agencies that use this address to combat phishing.