About phishing
Phishing is a type of online scam where criminals send an email that appears to be from a legitimate company and ask you to provide sensitive information. This is usually done by including a link that will appear to take you to the company’s website to fill in your information – but the website is a clever fake and the information you provide goes straight to the crooks behind the scam.
The term ’phishing’ is a spin on the word fishing, because criminals are dangling a fake ’lure’ (the email that looks legitimate, as well as a website that looks legitimate) hoping users will ’bite’ by providing the information the criminals have requested – such as credit card numbers, account numbers, passwords, usernames, and more.
How do I spot a phishing email?
- The email doesn’t specify your name.
"Dear Customer" or “Dear” isn’t an identifier. If you receive an email like this, there is a very high chance that this is a phishing email.
- The email asks you to confirm personal information.
Keep an eye out for emails requesting you to confirm personal information that you normally do not disclose.
3 signs you are possibly being scammed:
1. You are being pressured to act immediately. Scammers may pose as someone or an organization you know and say there is a problem that needs immediate attention. DO NOT act unless you have verified the person who has contacted you is legitimate.
2. You're asked to provide personal information and/or verification codes. When in doubt, DO NOT disclose this type of information. Most organizations will not ask for this information when conducting business with you.
3. You're asked to pay or submit payment in an unusual way. Be wary if you are asked to pay by gift cards, payment apps, or digital currency.
These are the latest campaigns seen by the Information Security Office. If you receive any other kinds of scamming or phishing messages, please forward the message to phishing@rice.edu.
Around 2024/04/22 - 11:52 to 12:08
Hiring For Research Position Research Opportunity Available Student Research Positions Part-Time Job Opening
The email impersonates Rice's user Daniel J. Preston - djp. It is a Part-Time job/research opportunity scam asking interested people from Rice and others to contact via phone (424) 265- 2730.
Around 2024/04/22 - 11:52 to 12:08
Subject: Hiring For Research Position Research Opportunity Available Student Research Positions Part-Time Job Opening
To: undisclosed-recipients
Sun Apr 21 2024 01:00:00 GMT-0500 (Central Daylight Time)
Working for RICE University - REMOTE JOBS
This person(s) is operating a job scam. The message had a URL that pointed to a phishing (credential harvesting) website asking to log in with Rice credentials to view the job details.
Sun Apr 21 2024 01:00:00 GMT-0500 (Central Daylight Time)
Subject: Working for RICE University - REMOTE JOBS
To: undisclosed-recipients
2024/04/22 - 11:12:18 (UTC -05:00)
Research Assistance Needed Data Science Research Position On -Campus Research Opportunity Data Science Research
The email impersonates Rice's user Rebecca Schreib - rjs7. It is a Part-Time job scam asking interested people from Rice and others to contact via phone (772-245-7264).
2024/04/22 - 11:12:18 (UTC -05:00)
Subject: Research Assistance Needed Data Science Research Position On -Campus Research Opportunity Data Science Research
To: undisclosed-recipients
Around 2024/04/19 - 15:32 to 16:40
"Global Account Manager – Accenture" "Visual Assistant (Remote)" "Expense Management Team Member" "Technology Expense Management (TEM) Operations Manager"
The email impersonates a member of Arkansas State University. Mention about providing part-time employment for qualified students, and ask them to send the resume to career@valuespendulum[.]com
Around 2024/04/19 - 15:32 to 16:40
Subject: "Global Account Manager – Accenture" "Visual Assistant (Remote)" "Expense Management Team Member" "Technology Expense Management (TEM) Operations Manager"
To: undisclosed-recipients
Sat, 20 Apr 2024 14:13:07 PM (CDT)
Remote Assistant Position
The email impersonates a member of Arkansas State University. It is a Remote Assistant job scam asking interested people from Rice and others to send in their resume to employment@shahryaranaviation[.]com
Sat, 20 Apr 2024 14:13:07 PM (CDT)
Subject: Remote Assistant Position
To: undisclosed-recipients
Sat Apr 20 2024 18:30:00 GMT-0500 (Central Daylight Time)
1022790- Clinical Research Coordinator, Intervention Study
The email impersonates Rice's user Jacky Jiang - hj37. It is a Part-Time job scam asking interested people from Rice and others to send in their resume to employment@regemedical[.]com
Sat Apr 20 2024 18:30:00 GMT-0500 (Central Daylight Time)
Subject: 1022790- Clinical Research Coordinator, Intervention Study
To: undisclosed-recipients
2024/04/17 - 17:09:19 (UTC -05:00)
We have received your FAFSA
The email urged users to click the link to access "FAFSA." Upon clicking, they were directed to a site masquerading as a Rice login page, prompting them to input their credentials. The email is sent from the compromised account "sf5@rice[.]edu".
2024/04/17 - 17:09:19 (UTC -05:00)
Subject: We have received your FAFSA
To: undisclosed-recipients
2024/04/17 - 15:26:14 (UTC -05:00)
Technology Expense Management (TEM) Operations Manager
The attacker purports to be "Beth Rivera," stating that she assists in the company's recruitment efforts. The email is sent from the compromised account "aer2@rice[.]edu".
2024/04/17 - 15:26:14 (UTC -05:00)
Subject: Technology Expense Management (TEM) Operations Manager
To: undisclosed-recipients
2024/04/17 - 08:05:00 (UTC -05:00)
Submission failed
The email urged users to click the link to download a file. Upon clicking, they were directed to a site masquerading as a Rice login page, prompting them to input their credentials.
2024/04/17 - 08:05:00 (UTC -05:00)
Subject: Submission failed
To: undisclosed-recipients
2024/04/17 - 08:41:03 (UTC -05:00)
Rice University has received your FAFSA
The email urged users to click the link to access "myScholarships." Upon clicking, they were directed to a site masquerading as a Rice login page, prompting them to input their credentials.
2024/04/17 - 08:41:03 (UTC -05:00)
Subject: Rice University has received your FAFSA
To: undisclosed-recipients
2024/04/15 - 10:59:00 (UTC - 5:00)
On-campus Remote Job Opportunity-Work as a Research Assistant-Graduate and Undergraduate Students of Rice University
Sender claims to be Professor Michael Orchard offering part-time employment at Rice. Message prompts users to send their resume, full name, department, year of study, alternative mail address, and functional phone number to prof_orchard@outlook[.]com.
2024/04/15 - 10:59:00 (UTC - 5:00)
Subject: On-campus Remote Job Opportunity-Work as a Research Assistant-Graduate and Undergraduate Students of Rice University
To: undisclosed-recipients
Around 2024/04/11 - 16:45 to 16:52
LOCAL JOB AD!
The attacker says that the people who receive this message have been randomly selected for the virtual assistant position. Require the recipients to send a copy of the resume to the attacker Gmail.
Around 2024/04/11 - 16:45 to 16:52
Subject: LOCAL JOB AD!
To: undisclosed-recipients
2024/04/03 - 17:31:15 (UTC -05:00)
JOB OPPORTUNITY Casting PAID background actresses
The sender claims to be a member of "Santa Monica College" and offers a job. This is how the sender tried to communicate with users.
2024/04/03 - 17:31:15 (UTC -05:00)
Subject: JOB OPPORTUNITY Casting PAID background actresses
To: undisclosed-recipients
2024/04/01 - 13:58:18 (UTC -05:00)
For your own safety, I highly recommend reading this email.
The hacker says that the people who receive this message have access to inappropriate videos thanks to the viruses they have previously infected their phones and computers. They will publish them if they do not pay the requested money.
2024/04/01 - 13:58:18 (UTC -05:00)
Subject: For your own safety, I highly recommend reading this email.
To: undisclosed-recipients
2024/03/29 - 09:36:42 (UTC -05:00)
Attention Please!!! Own A Welding Machine And Tools Box
The attacker collects people's information(mail/email address) by telling them, Mrs. Patricia Martin (Human Resources at Rice University) will donate her father's Welding machine.
2024/03/29 - 09:36:42 (UTC -05:00)
Subject: Attention Please!!! Own A Welding Machine And Tools Box
To: undisclosed-recipients
2024/03/29 - 09:35:00 (UTC -05:00)
Data Entry Assistant (100% Work From Home Part Time)
This is a phishing message for a fake data entry job opportunity that requests user to download a file and apply the job.
2024/03/29 - 09:35:00 (UTC -05:00)
Subject: Data Entry Assistant (100% Work From Home Part Time)
To: undisclosed-recipients
2024/03/29 - 19:12:24 (UTC -05:00)
Late Fee Reminder.
The email prompted users to click on the link to open the document, leading them to a site that encouraged them to download the file. Once they clicked the button to download, a new tab was opened with a site that posed as a Rice login site, prompting users to enter their login credentials.
2024/03/29 - 19:12:24 (UTC -05:00)
Subject: Late Fee Reminder.
To: undisclosed-recipients
3/29/2024 ~9:30
Data Entry Assistant (100% Work From Home Part Time)
This is a phishing message for a fake data entry job opportunity that requests user to reply with a resume or name and phone number to a secondary account dr.stevenstout@aol[.]com. Please DO NOT REPLY/SEND any personal info to the listed email address.
3/29/2024 ~9:30
Subject: Data Entry Assistant (100% Work From Home Part Time)
To: undisclosed-recipients
Thu, 28 Mar 2024 22:19:20 PM (CDT)
PAST DUE FEE !!
The email prompted users to click the link to open the document, leading them to a site that encouraged them to download the file. Once they clicked the button to download, a new tab was opened with a site that posed as a Rice login site, prompting users to enter their login credentials.
Thu, 28 Mar 2024 22:19:20 PM (CDT)
Subject: PAST DUE FEE !!
To: undisclosed-recipients
2024/03/28 - 21:51:40 (UTC -05:00)
PAST DUE NOTICE!
The email prompted users to click on the link to open the document, which led them to a site encouraging them to download the file. Once they clicked the button to download, a new tab was opened with a site that posed as a Rice login site, prompting users to enter their login credentials.
2024/03/28 - 21:51:40 (UTC -05:00)
Subject: PAST DUE NOTICE!
To: undisclosed-recipients
2024/03/29 - 01:38:23 (UTC -05:00)
PAST DUE BILL !!
The email prompted users to click on the link to open the document, which led them to a site encouraging them to download the file. Once they clicked the button to download, a new tab was opened with a site that posed as a Rice login site, prompting users to enter their login credentials.
2024/03/29 - 01:38:23 (UTC -05:00)
Subject: PAST DUE BILL !!
To: undisclosed-recipients
2024/03/28 - 15:06 - 16:01 (UTC -06:00)
URGENT: Print and submit document.
Email prompted users to click on link to open document which led them to a site prompting them to download the file. Once they clicked the button to download, a new tab was opened with a site that posed as a Rice login site prompting users to enter their login credentials.
2024/03/28 - 15:06 - 16:01 (UTC -06:00)
Subject: URGENT: Print and submit document.
To: undisclosed-recipients
2024/03/27 - 07:39:59 (UTC -05:00)
WARNING: OVERDUE FEE.
This is a phishing message with a link to a website requesting a file download. Please DO NOT click link, download any attachments, or enter any user credentials. The site is not an official representative. Text heading:
2024/03/27 - 07:39:59 (UTC -05:00)
Subject: WARNING: OVERDUE FEE.
To: undisclosed-recipients
Fri Mar 22 2024 01:00:00 GMT-0500 (Central Daylight Time)
Urgent: Monkeypox Exposure Alert - Take Immediate Action!
This is a phishing message with a link to a credential harvesting site. Please DO NOT click link, download any attachments, or enter any user credentials. The site is not an official representative. Text heading:
Fri Mar 22 2024 01:00:00 GMT-0500 (Central Daylight Time)
Subject: Urgent: Monkeypox Exposure Alert - Take Immediate Action!
To: undisclosed-recipients
2024/03/21 - 09:11:16 (UTC -05:00)
Your (FSA) ACCOUNT
This is a phishing message with a link to a credential harvesting site. Please DO NOT click link, download any attachments, or enter any user credentials. The site is not an official representative. Text heading:
2024/03/21 - 09:11:16 (UTC -05:00)
Subject: Your (FSA) ACCOUNT
To: undisclosed-recipients
2024/03/20 - 07:31:49 (UTC -05:00)
Important Information About Your HealthEquity Account
This is a phishing message with a link to a credential harvesting site. Please DO NOT click link, download any attachments, or enter any user credentials. The site is not an official representative. Text heading:
2024/03/20 - 07:31:49 (UTC -05:00)
Subject: Important Information About Your HealthEquity Account
To: undisclosed-recipients
Between 2024/03/15 and 2024/03/18
Rice University:Approved Beneficial Program
This is a phishing message with a link to a credential harvesting site. Please DO NOT click link, download any attachments, or enter any user credentials. The site is not an official representative. Text heading:
Between 2024/03/15 and 2024/03/18
Subject: Rice University:Approved Beneficial Program
To: undisclosed-recipients
2024-02-22T18:28:47Z
Inquiry...
2024-02-22T18:28:47Z
Subject: Inquiry...
To: undisclosed-recipients
2024/02/19 - 18:56:57 (UTC -06:00)
Action Required NetID@rice.edu
This is a phishing message with a malicious link to a credential harvesting site requesting to accept an invite to download and view a fake payment invoice. Please DO NOT click link, download any attachments, or enter any user credentials. The site is not an official representative. Text heading:
2024/02/19 - 18:56:57 (UTC -06:00)
Subject: Action Required NetID@rice.edu
To: undisclosed-recipients
2024/02/20 - 08:09:08 (UTC -06:00)
Research Mentor Opportunity | Harvard PhD
This is a phishing message for a fake job offer that requests user to reply with full name, email address, and other personal info. Please DO NOT REPLY/SEND any personal info to the listed email address or phone number. Text header:
2024/02/20 - 08:09:08 (UTC -06:00)
Subject: Research Mentor Opportunity | Harvard PhD
To: undisclosed-recipients
2024/02/08 - 2024/02/09
(Remote) Personal Assistance Email Confirmation
This campaign is employment fraud. It is a phishing message for a fake job opportunity that requests user to click on a Google form link and reply with full name, personal email address, physical address, phone number, gender, and age. Please DO NOT REPLY/SEND any personal info to the listed email address or phone number. Please DO NOT click the link, or download any attachments.
2024/02/08 - 2024/02/09
Subject: (Remote) Personal Assistance Email Confirmation
To: undisclosed-recipients
2024/02/08 - 09:13:28 (UTC -06:00)
Rice University Employees: Retirement Planning Sessions Available
This is a phishing message for a fake retirement benefits meeting that requests user to reply with full name, email address, and other personal info. Please DO NOT REPLY/SEND any personal info to the listed email address or phone number. Text header:
2024/02/08 - 09:13:28 (UTC -06:00)
Subject: Rice University Employees: Retirement Planning Sessions Available
To: undisclosed-recipients
2024/02/03 - 11:41:26 (UTC -06:00)
OPEN SLOTS!!
This is a phishing message for a fake job offer that requests user to reply with full name, email address, and other personal info. Please DO NOT REPLY/SEND any personal info to the listed email address or phone number. Text header:
2024/02/03 - 11:41:26 (UTC -06:00)
Subject: OPEN SLOTS!!
To: undisclosed-recipients
2024/02/03 - 11:15:00 (UTC -06:00)
Essential Information About Your HealthEquity Account
This is a phishing message with a link to a credential harvesting site requesting to accept an invite to download and view a fake payment invoice. Please DO NOT click link, download any attachments, or enter any user credentials. The site is not an official representative. Text heading:
2024/02/03 - 11:15:00 (UTC -06:00)
Subject: Essential Information About Your HealthEquity Account
To: undisclosed-recipients
2024/02/02 - 08:40
A new payment schedule has been approved.
This is a phishing message masquerading as an extortion attempt. Please DO NOT REPLY/SEND any personal or payment information to the listed email address or wallet. Text header:
2024/02/02 - 08:40
Subject: A new payment schedule has been approved.
To: undisclosed-recipients
2024/01/28 - 10:19:15 (UTC -06:00)
Office of Financial Aid | Students Employment
This is a phishing message for a fake job offer that requests user to reply with full name, email address, and other personal info. Please DO NOT REPLY/SEND any personal info to the listed email address or phone number. Text header:
2024/01/28 - 10:19:15 (UTC -06:00)
Subject: Office of Financial Aid | Students Employment
To: undisclosed-recipients
2024/01/28 - 10:19:15 (UTC -06:00)
Office of Financial Aid | Students Employment
This is a phishing message for a fake job offer that requests user to reply with full name, email address, and other personal info. Please DO NOT REPLY/SEND any personal info to the listed email address or phone number. Text header:
2024/01/28 - 10:19:15 (UTC -06:00)
Subject: Office of Financial Aid | Students Employment
To: undisclosed-recipients
2024/01/26 - 13:13
STUDENTS INFORMATION SUPPORT
This is a phishing message for a fake research assistant job opportunity that requests user to reply with full name, email address, and years of study and department. Please DO NOT REPLY/SEND any personal info to the listed email address or phone number. Text header:
2024/01/26 - 13:13
Subject: STUDENTS INFORMATION SUPPORT
To: undisclosed-recipients
Between 2024/01/24 and 2024/01/25
Response for you're doing.
This is a phishing message masquerading as an extortion attempt. Please DO NOT REPLY/SEND any personal or payment information to the listed email address or wallet. Text header:
Between 2024/01/24 and 2024/01/25
Subject: Response for you're doing.
To: undisclosed-recipients
2024/01/23 | 6:30 - 12:20
Student Research Opportunity
This is a phishing message for a fake research assistant job opportunity that requests user to reply with full name, email address, and years of study and department. Please DO NOT REPLY/SEND any personal info to the listed email address or phone number. Text header:
2024/01/23 | 6:30 - 12:20
Subject: Student Research Opportunity
To: undisclosed-recipients
2024/01/22 - 09:30
Student Research Opportunity
This is a phishing message for a fake research assistant job opportunity that requests user to reply with full name, email address, and years of study and department. Please DO NOT REPLY/SEND any personal info to the listed email address or phone number. Text header:
2024/01/22 - 09:30
Subject: Student Research Opportunity
To: undisclosed-recipients
2024/01/22 | 8:29 AM - 9:39 AM
Student Research Opportunity
This is a phishing message for a fake research assistant job opportunity that requests user to reply with full name, email address, and years of study and department. Please DO NOT REPLY/SEND any personal info to the listed email address or phone number. Text header:
2024/01/22 | 8:29 AM - 9:39 AM
Subject: Student Research Opportunity
To: undisclosed-recipients
2024/01/18 - 11:08
UNDERGRADUATE RESEARCH ASSISTANT NEEDED
2024/01/18 - 11:08
Subject: UNDERGRADUATE RESEARCH ASSISTANT NEEDED
To: undisclosed-recipients
2024/01/11 - 16:02:18 (UTC -06:00)
DS & SDE at Amazon
2024/01/11 - 16:02:18 (UTC -06:00)
Subject: DS & SDE at Amazon
To: undisclosed-recipients
2024/01/11 between 3:03pm CST to 3:05pm CST
Email Confirmation
2024/01/11 between 3:03pm CST to 3:05pm CST
Subject: Email Confirmation
To: undisclosed-recipients
Other Scams
If you receive any other kind of scamming or phishing message, please send a ticket to helpdesk@rice.edu.