Skip to content

Phish Bowl

spar

The Phish Bowl is a new tool designed to promote phishing awareness. Phishing is the top social attack on organizations, responsible for more than 90% of security breaches. There is no concrete way to prevent phishing attacks, therefore, awareness is our strongest line of defense. As phishing messages are reported to the Office of Cybersecurity, they will be posted here along with a verdict and a date. Phishing messages come in a variety of formats.

Did you receive an email with questionable legitimacy? Report it to abuse@uthsc.edu and a security analyst will investigate the message. We will provide a confirmation about the email's legitimacy and post it here depending on the impact and how elaborate the message is. 

Verdict  Subject  Date Abstract

Confirmed Phish

[Ext] Send me your available cell number  

OR

[Ext] (without a subject line)

8/7 - 8/12/20201

These are similar phishing attempts to the ones reported back in April, 2021, where Deans' and Department Heads' names are spoofed from a @gmail.com account asking for cell phone information. 

Confirmed Phish

Payroll Forms

I would like to make a change

8/4/2021

These are external email addresses trying to spoof people in our community trying to get their payroll direct deposit changed to a banking account the bad guys control. 

Payroll has specific procedures in place to change your direct deposit. See https://uthsc.edu/finance/payroll/ for information. 

Confirmed Phish

Numerous subject lines throughout June and beyond

A notification of an "auto-renewal" for a service you didn't subscribe to. Most seen is Norton Anti-virus, but also PayPal and Geek Squad. They give a phone number to call if you want to dispute the charge. DON'T CALL THE NUMBER. If you do, they will want your credit card or banking account number "to verify the purchase". You just gave away your information to the bad guys. 

Confirmed Phish

[Ext] Fwd: IMPORTANT: A message From University of Tennessee Health Science Center 6/9/2021

"Dear Employee - You have a New Message from UTHSC Employee Portal" - This phish is not from UTHSC. 

Confirmed Phish

[Ext] Quick request 6/9/2021

"Kindly send me your available cell number -"

The name of Department Chairs are being spoofed to make these phishing email look like they are coming from them asking for a favor. Do not reply to these askiing for a cell number. 

Confirmed Phish

[Ext] PO 345345# University of Tennessee 6/8/2021

"Please VIEW Attached" - the "attached" is a word document that has malicious link imbedded in it. It also wants you to click a link to "login" and give away your credentials.

Confirmed Phish

[Ext] (no subject) 6/4/2021

"Give me your cell number, I need you to take care of something."

Numerous members of our campus had their name spoofed by a GMail address looking to get people's cell numbers.

Confirmed Phish

[Ext] eScanner-564-08 | Scan Notification | 4 May, 2021 5/4/2021

"You have received a fax document" - wanting you to click a link in an email.

Legitimate Email

[Ext] HealthStream Alerts 5/3/2021

This is a legitimate email about required HIPAA training.

Confirmed Phish

[Ext] #In_Voice #Number: 4/30/2021

Renewal of Norton anti-virus that you didn't sign up for. Wanting the recipient to call a phone number so they can be socially engineered

Confirmed Phish

[Ext] Urgent Action Required 2/17/2021

"Your mailbox is almost full" but comes from an external email address. 

Legitimate Email

[Ext] McLean Employee Experience Survey 1/14/2021

UTHSC has contracted with McLean & Company for a survey

Legitimate Email

UT Test Results !!! 12/28/2020

An encrypted email, with test results. 

Confirmed Phish

PART TIME JOB 12/29/2020

Offering a great salary for part-time work, they want your personal information. 

Note this one wasn't external, but from a compromised email account.

Confirmed Phish

[Ext] For faculty/staff: Dean hides author's identity 11/30/2020

Wants you to search for a YouTube clip. 

Confirmed Phish

[Ext] Payroll Error  11/17/2020

Greetings,  I will like to know if you received my previous message concerning the error from the payroll department. (Email coming from an address in France)

Confirmed Phish [Ext] Win $11k to fund your dream activity for your college club! 11/4/2020 We are giving $11,000 in funding to the best campus idea!
Being a college student is challenging right now....
Legitimate Email  [[Ext]  unlock access to your LinkedIn Learning account 11/2/2020 Email from UTK inviting you to use LinkedIn Learning
Confirmed Phish   [Ext] Subscription Auto-Renewal Alert   10/29/2020  This email is to inform you that your Subscription for your NETWORK Firewall is going to be auto-renewed............
Confirmed Phish [Ext] Required-Notification  10/29/2020 Password Expiry - Office-365

Last Published: Aug 12, 2021