Welcome to the Phish Bowl

How do I spot a phishing email?

3 signs you are possibly being scammed:

These are the latest campaigns seen by the Information Security Office. If you receive any other kinds of scamming or phishing messages, please forward the message to phishing@rice.edu.

2024/11/01 - 06:44 - 08:21:13 (UTC -05:00)

Campus financial aid, work study and internship

Scammer posing as Rice financial aid targeted students with fake job application asking for personal information such as major, phone number, and an alternate email address

2024-11-03 - 18:20 - 18:29 (UTC -05:00)

Exciting Call for Participation

Job scam that asked students for their full name, resume, cell phone number, department, and year of study

2024-10-31 - 08:02 - 08:10 (UTC -05:00)

Campus financial aid, work study and internship

Same as previous post, just with a different sender address

2024-10-31 - 08:16 - 08:31 (UTC -05:00)

Campus financial aid, work study and internship

Scammer posing as Rice financial aid targeted students with fake job application asking for personal information such as major, phone number, and an alternate email address

2024-10-16 - 2024-10-18

Rehoming of Some Musical Instruments !!!

Malicious actor poses as Rice professor who is looking to give away musical instruments, message contains secondary reply-to adddress: balcine1942@outlook[.]com

2024/10/03 - 2024/10/07

Vacant Positions for undergraduate & Alumni Vacant Positions

It contains a pdf with application instructions. They request that recipients share their name, phone number, and email address by replying to the email address.

2024/10/14 - 10:26:10 (UTC -05:00)

A new payment plan has been authorized.

The attacker alleges they possess inappropriate videos of the recipients and threatens to release them to friends, family, or colleagues if the demanded payment is not made.

2024/10/09 - 19:23:04 (UTC -05:00)

Career Opportunity undergraduate and graduate job application undergraduate job applicattion Vacant Positions for undergraduate Vacant Positions for undergraduate & Alumni

It contains a pdf with application instructions. They request that recipients share their name, phone number, and email address by replying to the email address.

2024/10/09 - 19:23:04 (UTC -05:00)

Career Opportunity undergraduate and graduate job application undergraduate job applicattion Vacant Positions for undergraduate Vacant Positions for undergraduate & Alumni

It contains a pdf with application instructions. They request that recipients share their name, phone number, and email address by replying to the email address.

TEST

TEST

TEST

2024/10/09 - 19:18

undergraduate job applicattion

It contains a pdf with application instructions. They request that recipients share their name, phone number, and email address by replying to the email address.

2024/10/03 - 21:08:49 (UTC -05:00)

Vacant Positions Internship Positions Career Opportunity

It contains an attachment with application instructions. They request that recipients buy some equipment and then promise to refund their money.

2024/10/07 - 12:55:28 (UTC -05:00)

Reginald DesRoches

The attacker pretended to be "Reginald DesRoches" and requested the recipients' phone numbers right away.

2024/09/30 08:09 - 11:26 (UTC -5:00)

Assistant Position (Rice University)

Sender posed as JAW management in scam campaign targeting students and faculty

2024/09/26 - 22:51:24 (UTC -05:00)

You have been hacked

The attackers allege that the user was hacked by them. They threaten to share the user's videos on social media if the debt is not paid.

2024/09/16 - 10:43:06 (UTC -05:00)

Research Position ( Rice University)

Sender posed as member of a Rice dean's office and Rice professor Gisela Heffes to obtain students' full name, email addresses, year of study, and department

2024/09/13 08:26 (UTC -5:00) - 08:30 (UTC -5:00)

Internship and Work Study Programs

Sender posed as CCD advertising student jobs on campus in order to obtain students' major, phone number and alternate email address (continuation of earlier campaign with a new address)

2024/09/11 - 14:01:38 (UTC -05:00)

RICE UNIVERSITY

The attacker impersonates Andrew Billing to donate a piano.

2024/09/12 06:58 (UTC -5:00) - 9:06 (UTC -5:00)

Internship and Work Study Programs

Sender posed as CCD advertising student jobs on campus in order to obtain students' major, phone number and alternate email address

2024/09/06 11:25 (UTC -05:00) - 2024/09/06 12:41 (UTC - 05:00)

Open position (Rice University) Research Assistant (Rice University) Position Assistant (Rice University)

Sender posed as member of a Rice dean's office and Rice professor Gisela Heffes to obtain students' full name, email addresses, year of study, and department

2024/09/04 - 2024/09/05

Data Analysis Project Assistant Rice.edu

The attacker impersonates Professor Dan S. Wallach to offer remote research assistant positions.

2024/09/04 - 2024/09/05

Data Analysis Project Assistant Rice.edu

The attacker impersonates Professor Dan S. Wallach to offer remote research assistant positions.

2024/09/02 - 07:27:23 (UTC -05:00)

Employment Internship Program

The content of email just include an attachment with no hash record. The file name is "internship.txt".

2024/09/02 - 10:20:57 (UTC -05:00)

Virtual Office Needed

The content of email just include an attachment with no hash record. The file name is "Job Offer Details".

2024/08/30 - 05:29:37 (UTC -05:00)

Rice University funds transfer.

The email contains a link that requests your Social Security Number and bank card information.

2024/08/28 - 12:12:28 (UTC -05:00)

Retired Staff Member's Generous Donation: Musical Instruments

The attacker impersonates Michelle Kaltenbach to donate two instruments.

2024/08/10 - 07:40:54 (UTC -05:00)

Summer Notice! Generosity of Mrs. Julie Francis

The attacker impersonates Elaine Britt to sell welding machines.

2024/07/31 - 07:51:22 (UTC -05:00)

Disposal Of TIG Welding Tools And Equipment

The attacker impersonates Reginald DesRoches to sell welding machines.

2024/07/26 - 16:13:21 (UTC -05:00)

Document shared with you: Compensation_statement_for_faculty_and_staff_members_at_ Rice University.docx

The email contains a link to a webpage with a button labeled "pay_status," which redirects to a Google Form requesting credentials and a DUO passcode.

Mon Jul 29 2024 01:00:00 GMT-0500 (Central Daylight Time)

Job scam. They are providing the gmail address to the users to contact with them.

2024/07/22 - 08:16:44 (UTC -05:00)

Generous Offer: Acquire High-Quality Equipment

The attacker assumes Charles Bartel's identity by selling some professional equipment. He is from "Duquesne University".

2024/07/22 - 10:19:18 (UTC -05:00)

WELDER TOOLS

The attacker impersonates George Andrews (George.Andrews@rice[.]edu) to sell welding machines.

2024/07/22 - 10:19:18 (UTC -05:00)

WELDER TOOLS

The attacker assumes George Andrews's identity.

2024/07/15 - 08:42:50 (UTC -05:00)

RESEARCH ASSISTANT POSITION

Fake job opportunities from a Russia company.

2024/07/09 - 15:01:15 (UTC -05:00)

Urgent request Quick response

The attacker is requesting a prompt call from the user.

2024/07/05 - 11:48:59 (UTC +08:00)

Academic Achievement Data Analyst, Personal Assistance, Bookkeeper Flexible Job Program & internship DATA ANALYST, PERSONAL ASSISTANTS, BOOKKEEPER

Job Scam and the emails include the attachments.

2024/07/07 - 10:07:04 (UTC -05:00)

I own very sensitive information about your web activities

The attacker is trying to intimidate users and extort money by saying that s/he has their records and that s/he will publish these records publicly if they do not deposit the money s/he wants.

2024/06/30 - 06:15:25 (UTC -05:00)

I own very sensitive information about your web activities

Threaten users and extort Bitcoin.

2024/06/26 - 19:12:57 (UTC -05:00)

APPLICATION FORM OPPORTUNITY SEEKERS

Fake job opportunities asking for personal data.

Tue Jun 25 2024 01:00:00 GMT-0500 (Central Daylight Time)

A variant of the recipients name

Messages are variants of the following. , H‎e‎llo thi‎s‎‎ is‎ t‎he S‎t‎ud‎ent‎-Lo‎a‎‎n‎ De‎bt D‎epartmen‎t‎. ‎We ‎tried‎ to‎ contac‎t ‎y‎‎‎ou a‎t ‎you‎r h‎om‎e ‎and d‎i‎d no‎t‎ h‎ea‎r back. ‎‎Y‎‎ou‎‎r Studen‎t L‎oan‎s ‎hav‎e ‎b‎e‎e‎n‎ m‎‎a‎r‎‎ked‎ a‎s‎ p‎o‎‎ssi‎b‎ly‎ e‎ligib‎le for forgi‎ven‎e‎‎ss ‎u‎n‎der th‎‎e‎ ‎‎n‎e‎w ‎202‎‎4‎ gui‎d‎eli‎n‎es. Yo‎‎u‎r case‎ nu‎mber ‎i‎s ‎, a‎nd ‎yo‎u‎r f‎i‎‎‎le‎ ‎w‎‎‎ill remain op‎‎en ‎in‎ m‎y syste‎m‎ f‎o‎r o‎n‎ly‎‎‎ one m‎o‎r‎‎‎e‎ ‎‎d‎‎a‎y‎. ‎If you c‎o‎u‎ld ‎‎plea‎s‎e g‎iv‎‎e‎‎ y‎ou‎r‎ ‎de‎d‎i‎ca‎‎ted el‎ig‎ibil‎ity l‎ine‎ ‎a c‎‎all a‎t‎‎: (8‎55)‑78‎9‎‑‎15‎‎8‎‎0. O‎ur‎ ‎‎‎of‎‎‎‎f‎‎i‎‎‎c‎‎e h‎‎‎our‎s‎ ‎ar‎e ‎‎9‎‎a‎m‎-‎‎5p‎‎‎m‎ ‎(‎‎P‎‎‎S‎‎T‎)‎‎‎ ‎‎M‎ond‎a‎y‎‎-‎‎F‎r‎i‎da‎‎‎y‎‎‎.‎‎ ‎T‎‎h‎a‎‎n‎‎‎‎k‎‎‎‎‎ ‎‎‎‎y‎ou‎‎‎‎ s‎‎o ‎m‎‎‎u‎‎c‎‎h‎ ‎‎a‎‎nd ‎‎w‎‎‎e h‎‎op‎‎e‎‎ ‎to‎ ‎‎‎‎hea‎‎‎‎r ‎‎‎f‎‎‎r‎‎‎o‎‎m‎ ‎‎y‎ou ‎‎s‎‎o‎‎o‎‎n.

2024/06/24 - 10:54:57 (UTC -05:00)

Remote work for Graduates-Undergraduates

The attacker alleges that a job offer is available. There is an attachment containing a job description. The file hash of this attachment is unknown to OSINT sources.

2024/06/21 - 10:31:38 (UTC -05:00)

JOB OFFER

It is a job scam. The content of the email just includes an attachment.

2024/06/19 - 14:18:42 (UTC -05:00)

Academic Career Opportunity

The attacker claims to be hiring for UNCEF and require users' personal email addresses and phone numbers.

2024/06/19 - 16:00:02 (UTC -05:00)

NetID@rice.edu Retrieve incoming messages!!!

The attacker created a falsified header. The email claimed that the user's emails were stopped for a reason and instructed the user to click a link, which then asked for the user's credentials to view their emails.

2024/06/06 - 16:00:57 (UTC -05:00)

Reginald DesRoches

The attacker is requesting users to promptly provide their phone numbers.

2024/06/12 - 19:33:17 (UTC -05:00)

ACT NOW ENROLL NOW JOB OPPORTUNITIES PREVIEW NOW

The attacker sent over 700 emails with a different subject line, but the email content contained the same attachment. The hash of the attached file is unknown.

2024/06/12 - 01:06:28

Payroll System Update

Email claims come from Rice University and includes an attachment by DocuSign, it says it is related to payroll system. When you click the link in the DocuSign, it redirects to a website which looks like a Rice login page.

2024/06/04 - 10:48:44 (UTC -05:00)

Your personal data has leaked due to suspected harmful activities.

The attacker is trying to intimidate users and extort money by saying that s/he has their records and that s/he will publish these records publicly if they do not deposit the money s/he wants.

2024/06/03 - 17:59:26 (UTC -05:00)

Someone Messaged You

The email appears to be from "Junta de Andalucía (Government Administration)". The email encourages the user to change their passwords.

2024/05/22 - 08:03:08 (UTC -05:00)

Your order has shipped!

The email appears to be from Walmart. Within the message, it prompts users regarding a $900 Walmart gift card and how they wish to obtain it. It emphasizes that for any queries, they can contact the specified number.

2024/05/20 - 10:42:56 (UTC -05:00)

Your personal data has leaked due to suspected harmful activities.

The attacker is trying to intimidate users and extort money by saying that s/he has their records and that s/he will publish these records publicly if they do not deposit the money s/he wants.

2024/05/17 - 10:03:11 (UTC -05:00)

EXECUTIVE ASSISTANT POSITION AVAILABLE

It is a Part-Time job/research opportunity scam asking interested people from Rice.

2024/05/14 - 12:18:41 (UTC -05:00)

Reginald DesRoches

The attacker is requesting users to promptly provide their phone numbers.

2024/05/13 - 12:25:04 (UTC -05:00)

"The subject line is blank."

The email is pretending to be from Rice's users. Inquire about recipients' phone numbers to enlist their assistance.

2024/05/10 - 10:05:33 (UTC -05:00)

Delivery Status Notification (editing needed).

The attacker is trying to intimidate users and extort money by saying that s/he has their records and that s/he will publish these records publicly if they do not deposit the money s/he wants.

2024/05/09 - 16:53:50 (UTC -05:00)

Are you available now ?

The email impersonates Rice's user Ashutosh Sabharwal - ashu. The attacker urges users to contact him promptly and requests that users assist him in carrying out an urgent errand from any nearby store.

2024/05/07 - 08:57:40 (UTC -05:00)

Your personal data has leaked due to suspected harmful activities.

The attacker is trying to intimidate users and extort money by saying that s/he has their records and that s/he will publish these records publicly if they do not deposit the money s/he wants. The IP belongs to "Brazil".

2024/05/06 - 00:47:11 (UTC -05:00)

[ECEADMINSTAFF-L] Security status not satisfied.

The attacker is trying to intimidate users and extort money by saying that s/he has their records and that s/he will publish these records publicly if they do not deposit the money s/he wants. The IP belongs to "Indonesia".

2024/05/03 - 17:55:52 (UTC -05:00)

Student Assistant Needed Research Positions Available

The email impersonates Rice's user Daniel J. Preston - djp. It is a Part-Time job/research opportunity scam asking interested people from Rice and others to contact via phone (424) 265- 2730.

2024/05/03 - 09:02:50 (UTC -05:00)

Reginald DesRoches

The attacker is requesting users to promptly provide their phone numbers.

2024/05/03 - 13:27:29 (UTC -05:00)

Your 403b account needs attention.

The sender pretends to be "district-benefits[.]org" and endeavors to communicate by discussing its benefits.

2024/05/01 - 07:09:53 (UTC -05:00)

Urgently needed your response Are you free? Your response is needed

The email, which pretends to be from Professor Reginald DesRoches of Rice University and other high-ranking such as Professors Jamie Ellen Padgett and Ross Thyer, is carefully written to deceive. It cleverly tries to manipulate the recipient into contacting them urgently.

2024/04/30 - 11:11:52 (UTC -05:00)

Spring and Fall Employment Opportunity for Graduate and Undergraduate Students

The email impersonates Rice's user Dan Wallach - dwallach. It is a Part-Time job/research opportunity scam asking interested people from Rice and others to contact via email "d.wallach@outlook[.]com".

2024/04/30 - 10:27:43 (UTC -05:00)

Do you have some minutes?

The email impersonates Rice's user Professor Matteo Pasquali - mp. The attacker tried to connect the users with this way. Also, email includes a malicious link.

2024/04/29 - 02:56:49 (UTC -05:00)

this is for you

The attacker is trying to intimidate users and extort money by saying that s/he has their records and that s/he will publish these records publicly if they do not deposit the money s/he wants.

2024/04/29 - 05:32:30 (UTC -05:00)

Payment Advice Copy-000026042024-VIRAL ENTERPRISE

The email contains a harmful attachment. The sender asserts it's a "payments execution."

2024/04/27 - 21:47:25 (UTC -05:00)

Security status not satisfied.

The attacker is trying to intimidate users and extort money by saying that s/he has their records and that s/he will publish these records publicly if they do not deposit the money she wants.

2024/04/26 - 16:40:52 (UTC -05:00)

HR and Employment Relations Information Session

The sender tells the recipients that their job applications have been accepted and that they will receive an informative e-mail in the future, and leaves their information for those who want to contact " intern@blasystems[.]com"

Around 2024/04/22 - 11:52 to 12:08

Hiring For Research Position Research Opportunity Available Student Research Positions Part-Time Job Opening

The email impersonates Rice's user Daniel J. Preston - djp. It is a Part-Time job/research opportunity scam asking interested people from Rice and others to contact via phone (424) 265- 2730.

Sun Apr 21 2024 01:00:00 GMT-0500 (Central Daylight Time)

Working for RICE University - REMOTE JOBS

This person(s) is operating a job scam. The message had a URL that pointed to a phishing (credential harvesting) website asking to log in with Rice credentials to view the job details.

2024/04/22 - 11:12:18 (UTC -05:00)

Research Assistance Needed Data Science Research Position On -Campus Research Opportunity Data Science Research

The email impersonates Rice's user Rebecca Schreib - rjs7. It is a Part-Time job scam asking interested people from Rice and others to contact via phone (‪772-245-7264‬).

Around 2024/04/19 - 15:32 to 16:40

"Global Account Manager – Accenture" "Visual Assistant (Remote)" "Expense Management Team Member" "Technology Expense Management (TEM) Operations Manager"

The email impersonates a member of Arkansas State University. Mention about providing part-time employment for qualified students, and ask them to send the resume to career@valuespendulum[.]com

Sat, 20 Apr 2024 14:13:07 PM (CDT)

Remote Assistant Position

The email impersonates a member of Arkansas State University. It is a Remote Assistant job scam asking interested people from Rice and others to send in their resume to employment@shahryaranaviation[.]com

Sat Apr 20 2024 18:30:00 GMT-0500 (Central Daylight Time)

1022790- Clinical Research Coordinator, Intervention Study

The email impersonates Rice's user Jacky Jiang - hj37. It is a Part-Time job scam asking interested people from Rice and others to send in their resume to employment@regemedical[.]com

2024/04/17 - 17:09:19 (UTC -05:00)

We have received your FAFSA

The email urged users to click the link to access "FAFSA." Upon clicking, they were directed to a site masquerading as a Rice login page, prompting them to input their credentials. The email is sent from the compromised account "sf5@rice[.]edu".

2024/04/17 - 15:26:14 (UTC -05:00)

Technology Expense Management (TEM) Operations Manager

The attacker purports to be "Beth Rivera," stating that she assists in the company's recruitment efforts. The email is sent from the compromised account "aer2@rice[.]edu".

2024/04/17 - 08:05:00 (UTC -05:00)

Submission failed

The email urged users to click the link to download a file. Upon clicking, they were directed to a site masquerading as a Rice login page, prompting them to input their credentials.

2024/04/17 - 08:41:03 (UTC -05:00)

Rice University has received your FAFSA

The email urged users to click the link to access "myScholarships." Upon clicking, they were directed to a site masquerading as a Rice login page, prompting them to input their credentials.

2024/04/15 - 10:59:00 (UTC - 5:00)

On-campus Remote Job Opportunity-Work as a Research Assistant-Graduate and Undergraduate Students of Rice University

Sender claims to be Professor Michael Orchard offering part-time employment at Rice. Message prompts users to send their resume, full name, department, year of study, alternative mail address, and functional phone number to prof_orchard@outlook[.]com.

Around 2024/04/11 - 16:45 to 16:52

LOCAL JOB AD!

The attacker says that the people who receive this message have been randomly selected for the virtual assistant position. Require the recipients to send a copy of the resume to the attacker Gmail.

2024/04/03 - 17:31:15 (UTC -05:00)

JOB OPPORTUNITY Casting PAID background actresses

The sender claims to be a member of "Santa Monica College" and offers a job. This is how the sender tried to communicate with users.

2024/04/01 - 13:58:18 (UTC -05:00)

For your own safety, I highly recommend reading this email.

The hacker says that the people who receive this message have access to inappropriate videos thanks to the viruses they have previously infected their phones and computers. They will publish them if they do not pay the requested money.

2024/03/29 - 09:36:42 (UTC -05:00)

Attention Please!!! Own A Welding Machine And Tools Box

The attacker collects people's information(mail/email address) by telling them, Mrs. Patricia Martin (Human Resources at Rice University) will donate her father's Welding machine.

2024/03/29 - 09:35:00 (UTC -05:00)

Data Entry Assistant (100% Work From Home Part Time)

This is a phishing message for a fake data entry job opportunity that requests user to download a file and apply the job.

2024/03/29 - 19:12:24 (UTC -05:00)

Late Fee Reminder.

The email prompted users to click on the link to open the document, leading them to a site that encouraged them to download the file. Once they clicked the button to download, a new tab was opened with a site that posed as a Rice login site, prompting users to enter their login credentials.

3/29/2024 ~9:30

Data Entry Assistant (100% Work From Home Part Time)

This is a phishing message for a fake data entry job opportunity that requests user to reply with a resume or name and phone number to a secondary account dr.stevenstout@aol[.]com. Please DO NOT REPLY/SEND any personal info to the listed email address.

Thu, 28 Mar 2024 22:19:20 PM (CDT)

PAST DUE FEE !!

The email prompted users to click the link to open the document, leading them to a site that encouraged them to download the file. Once they clicked the button to download, a new tab was opened with a site that posed as a Rice login site, prompting users to enter their login credentials.

2024/03/28 - 21:51:40 (UTC -05:00)

PAST DUE NOTICE!

The email prompted users to click on the link to open the document, which led them to a site encouraging them to download the file. Once they clicked the button to download, a new tab was opened with a site that posed as a Rice login site, prompting users to enter their login credentials.

2024/03/29 - 01:38:23 (UTC -05:00)

PAST DUE BILL !!

The email prompted users to click on the link to open the document, which led them to a site encouraging them to download the file. Once they clicked the button to download, a new tab was opened with a site that posed as a Rice login site, prompting users to enter their login credentials.

2024/03/28 - 15:06 - 16:01 (UTC -06:00)

URGENT: Print and submit document.

Email prompted users to click on link to open document which led them to a site prompting them to download the file. Once they clicked the button to download, a new tab was opened with a site that posed as a Rice login site prompting users to enter their login credentials.

2024/03/27 - 07:39:59 (UTC -05:00)

WARNING: OVERDUE FEE.

This is a phishing message with a link to a website requesting a file download. Please DO NOT click link, download any attachments, or enter any user credentials. The site is not an official representative. Text heading:

Fri Mar 22 2024 01:00:00 GMT-0500 (Central Daylight Time)

Urgent: Monkeypox Exposure Alert - Take Immediate Action!

This is a phishing message with a link to a credential harvesting site. Please DO NOT click link, download any attachments, or enter any user credentials. The site is not an official representative. Text heading:

2024/03/21 - 09:11:16 (UTC -05:00)

Your (FSA) ACCOUNT

This is a phishing message with a link to a credential harvesting site. Please DO NOT click link, download any attachments, or enter any user credentials. The site is not an official representative. Text heading:

2024/03/20 - 07:31:49 (UTC -05:00)

Important Information About Your HealthEquity Account

This is a phishing message with a link to a credential harvesting site. Please DO NOT click link, download any attachments, or enter any user credentials. The site is not an official representative. Text heading:

Between 2024/03/15 and 2024/03/18

Rice University:Approved Beneficial Program

This is a phishing message with a link to a credential harvesting site. Please DO NOT click link, download any attachments, or enter any user credentials. The site is not an official representative. Text heading:

2024-02-22T18:28:47Z

Inquiry...

2024/02/19 - 18:56:57 (UTC -06:00)

Action Required NetID@rice.edu

This is a phishing message with a malicious link to a credential harvesting site requesting to accept an invite to download and view a fake payment invoice. Please DO NOT click link, download any attachments, or enter any user credentials. The site is not an official representative. Text heading:

2024/02/20 - 08:09:08 (UTC -06:00)

Research Mentor Opportunity | Harvard PhD

This is a phishing message for a fake job offer that requests user to reply with full name, email address, and other personal info. Please DO NOT REPLY/SEND any personal info to the listed email address or phone number. Text header:

2024/02/08 - 2024/02/09

(Remote) Personal Assistance Email Confirmation

This campaign is employment fraud. It is a phishing message for a fake job opportunity that requests user to click on a Google form link and reply with full name, personal email address, physical address, phone number, gender, and age. Please DO NOT REPLY/SEND any personal info to the listed email address or phone number. Please DO NOT click the link, or download any attachments.

2024/02/08 - 09:13:28 (UTC -06:00)

Rice University Employees: Retirement Planning Sessions Available

This is a phishing message for a fake retirement benefits meeting that requests user to reply with full name, email address, and other personal info. Please DO NOT REPLY/SEND any personal info to the listed email address or phone number. Text header:

2024/02/03 - 11:41:26 (UTC -06:00)

OPEN SLOTS!!

This is a phishing message for a fake job offer that requests user to reply with full name, email address, and other personal info. Please DO NOT REPLY/SEND any personal info to the listed email address or phone number. Text header:

2024/02/03 - 11:15:00 (UTC -06:00)

Essential Information About Your HealthEquity Account

This is a phishing message with a link to a credential harvesting site requesting to accept an invite to download and view a fake payment invoice. Please DO NOT click link, download any attachments, or enter any user credentials. The site is not an official representative. Text heading:

2024/02/02 - 08:40

A new payment schedule has been approved.

This is a phishing message masquerading as an extortion attempt. Please DO NOT REPLY/SEND any personal or payment information to the listed email address or wallet. Text header:

2024/01/28 - 10:19:15 (UTC -06:00)

Office of Financial Aid | Students Employment

This is a phishing message for a fake job offer that requests user to reply with full name, email address, and other personal info. Please DO NOT REPLY/SEND any personal info to the listed email address or phone number. Text header:

2024/01/28 - 10:19:15 (UTC -06:00)

Office of Financial Aid | Students Employment

This is a phishing message for a fake job offer that requests user to reply with full name, email address, and other personal info. Please DO NOT REPLY/SEND any personal info to the listed email address or phone number. Text header:

2024/01/26 - 13:13

STUDENTS INFORMATION SUPPORT

This is a phishing message for a fake research assistant job opportunity that requests user to reply with full name, email address, and years of study and department. Please DO NOT REPLY/SEND any personal info to the listed email address or phone number. Text header:

Between 2024/01/24 and 2024/01/25

Response for you're doing.

This is a phishing message masquerading as an extortion attempt. Please DO NOT REPLY/SEND any personal or payment information to the listed email address or wallet. Text header:

2024/01/23 | 6:30 - 12:20

Student Research Opportunity

This is a phishing message for a fake research assistant job opportunity that requests user to reply with full name, email address, and years of study and department. Please DO NOT REPLY/SEND any personal info to the listed email address or phone number. Text header:

2024/01/22 - 09:30

Student Research Opportunity

This is a phishing message for a fake research assistant job opportunity that requests user to reply with full name, email address, and years of study and department. Please DO NOT REPLY/SEND any personal info to the listed email address or phone number. Text header:

2024/01/22 | 8:29 AM - 9:39 AM

Student Research Opportunity

This is a phishing message for a fake research assistant job opportunity that requests user to reply with full name, email address, and years of study and department. Please DO NOT REPLY/SEND any personal info to the listed email address or phone number. Text header:

2024/01/18 - 11:08

UNDERGRADUATE RESEARCH ASSISTANT NEEDED

2024/01/11 - 16:02:18 (UTC -06:00)

DS & SDE at Amazon

2024/01/11 between 3:03pm CST to 3:05pm CST

Email Confirmation

Other Scams

If you receive any other kind of scamming or phishing message, please report it to phishing@rice.edu.