Computing & Information Services

Email Threats

Don't take the bait! This page shows example email threats, such as phishing scams, that you should avoid. Phishers are fishing for your personal information, such as passwords and credit card numbers. Never provide this information by replying or following links in the email. Under no circumstances will CUS or other members of the CIS department ask for your password. If in doubt about the legitimacy of an email, contact CUS. To learn how to keep yourself protected, visit our phishing page.

To report a phishing scam you receive, email it (with full headers) to report-phish@reed.edu.

Google Doc scam - Posted

Be careful with emails from people you don't know linking to what purport to be trusted sites. Hover your mouse over the link to see where it really goes! In this case, www.flowersnemotions.com, not Google at all! Phishers also use Google docs to collect names and passwords, so beware of those as well.

From: Matthew Jarvinen <towerchutes@aol.com>
Date: Mon, Feb 23, 2015 at 7:33 AM
Subject: Important, view attachment
To:


Hello,
An important document sent to you via Google Docs Apps.
Google Drive: create, share, and keep all your stuff in one place.Logo for Google Drive


Regards,
Matthew Jarvinen

Bank details request - Posted

Phishers will often browse a company or school web page to harvest names of important people at the school, and specially craft targeted emails. Since these are specially directed emails they are called spear phishing.

Hi Tracy,

Hope you are having a splendid day. I want you to quickly email me the details you will need to help me process an outgoing wire transfer to another bank.

I will appreciate a swift email response.

Regards,

John K.

See please. Thank you - Posted

Variations of this email are trying to trick community members into updating their contact information. The link redirects to a "wix.com" website requesting information such as date of birth, username, password, and email address. Do not submit your information!

From: Angelo, Dana
Date: December 20, 2014
To: undisclosed recipients
Subject: See please. Thank you

Please open and update!

Reed College Contact Update

Mail News Update! - Posted

Here is another phishing message making its rounds within the community. Don't forget it's easy to spoof the "From" address in a message so don't assume the message is legit even if you recognize the sender's address. The URL in the message actually links to a different non-Reed website (see image below).

From: Reed College <mailupdatenews@reed.edu>
Subject: Mail News Update!
To: Recipients <mailupdatenews@reed.edu>


This Email is from Reed College, we will be making some vital E-mail account maintenance to ensure high quality in Internet connectivity in the 2014 fight against spam and improve security, all Mail-hub systems will undergo regularly scheduled maintenance.

To confirm and to keep your account active during and after this process
Kindly Click or copy  the Universal Web Link and fill the following
information: http:/reed.edu/mail_update

Reed College•
3203 SE Woodstock Blvd, Portland, OR 97202•


Here is what the phish website looks like:


Another phishing message

REED College Web Login - Posted

This phishing message is cleverly crafted and at first glance appears to be authentic. The sender name is similar to an actual staff member, and the link redirects to a nearly identical looking Reed Web Login page. Look closely at the URL and you will see it is bogus. Do not be fooled by this one!

From: "Access Services Assistant"
Subject: REED College Web Login

Dear User,

It has recently been observed that some users have difficulty logging into REED College Web. Please use this link to check your access.
If you can't login, contact at jconor@reed.edu.

Yours sincerely,

Janice Conor
Access Services Assistant
Reed College Library
3203 SE Woodstock Boulevard
Portland, OR 97202-8199
(503) 777-7552
jconor@reed.edu


If you follow the link in the message, the website looks like this:


Web Login phish

 View Threat History

How to maintain this page ( CIS only )