Skip to content

Phish Bowl

spar

The Phish Bowl is a new tool designed to promote phishing awareness. Phishing is the top social attack on organizations, responsible for more than 90% of security breaches. There is no concrete way to prevent phishing attacks, therefore, awareness is our strongest line of defense. As phishing messages are reported to the Office of Cybersecurity, they will be posted here along with a verdict and a date. Phishing messages come in a variety of formats.

Did you receive an email with questionable legitimacy? Report it to abuse@uthsc.edu and a security analyst will investigate the message. We will provide a confirmation about the email's legitimacy and post it here depending on the impact and how elaborate the message is. 

Verdict  Subject  Date Abstract

Confirmed Phish

BE A STAR FOR NFL

12/1/2021

A too good to be true scam, offering $350 for you to put a decal on your car. All they want is your banking information along with other personal info.

Confirmed Phish

[Ext] "Recipient's Name"

11/26/2021

About 50 people on campus recieved emails from Gmail accounts that spoofed the name of someone in their organization chart. The email stated "I have a request I need you to do discreetly". This is the classic start to a gift card scam. 

Confirmed Phish

Robo calls from a 448 number

11/3/2021

People are receiving phone calls from a spoofed 901-448-XXXX number so that it looks like it is coming from on campus, however it is not. The phone number is just spoofed, or copied, to make it look like an internal number so there would be a better chance of someone answering. 

Confirmed Phish

[Ext] Fwd: Dog/Pet sitter

10/1/2021

Like others we’ve seen for “part-time employment” this one is a “too good to be true” scam

Confirmed Phish

[Ext] Send me your available cell number  

OR

[Ext] (without a subject line)

8/7 - 8/12/20201

These are similar phishing attempts to the ones reported back in April, 2021, where Deans' and Department Heads' names are spoofed from a @gmail.com account asking for cell phone information. 

Confirmed Phish

Payroll Forms

I would like to make a change

8/4/2021

These are external email addresses trying to spoof people in our community trying to get their payroll direct deposit changed to a banking account the bad guys control. 

Payroll has specific procedures in place to change your direct deposit. See https://uthsc.edu/finance/payroll/ for information. 

Confirmed Phish

Numerous subject lines throughout June and beyond

A notification of an "auto-renewal" for a service you didn't subscribe to. Most seen is Norton Anti-virus, but also PayPal and Geek Squad. They give a phone number to call if you want to dispute the charge. DON'T CALL THE NUMBER. If you do, they will want your credit card or banking account number "to verify the purchase". You just gave away your information to the bad guys. 

Confirmed Phish

[Ext] Fwd: IMPORTANT: A message From University of Tennessee Health Science Center 6/9/2021

"Dear Employee - You have a New Message from UTHSC Employee Portal" - This phish is not from UTHSC. 

Confirmed Phish

[Ext] Quick request 6/9/2021

"Kindly send me your available cell number -"

The name of Department Chairs are being spoofed to make these phishing email look like they are coming from them asking for a favor. Do not reply to these askiing for a cell number. 

Confirmed Phish

[Ext] PO 345345# University of Tennessee 6/8/2021

"Please VIEW Attached" - the "attached" is a word document that has malicious link imbedded in it. It also wants you to click a link to "login" and give away your credentials.

Confirmed Phish

[Ext] (no subject) 6/4/2021

"Give me your cell number, I need you to take care of something."

Numerous members of our campus had their name spoofed by a GMail address looking to get people's cell numbers.

Confirmed Phish

[Ext] eScanner-564-08 | Scan Notification | 4 May, 2021 5/4/2021

"You have received a fax document" - wanting you to click a link in an email.

Legitimate Email

[Ext] HealthStream Alerts 5/3/2021

This is a legitimate email about required HIPAA training.

Confirmed Phish

[Ext] #In_Voice #Number: 4/30/2021

Renewal of Norton anti-virus that you didn't sign up for. Wanting the recipient to call a phone number so they can be socially engineered

Confirmed Phish

[Ext] Urgent Action Required 2/17/2021

"Your mailbox is almost full" but comes from an external email address. 

Legitimate Email

[Ext] McLean Employee Experience Survey 1/14/2021

UTHSC has contracted with McLean & Company for a survey

Legitimate Email

UT Test Results !!! 12/28/2020

An encrypted email, with test results. 

Confirmed Phish

PART TIME JOB 12/29/2020

Offering a great salary for part-time work, they want your personal information. 

Note this one wasn't external, but from a compromised email account.

Confirmed Phish

[Ext] For faculty/staff: Dean hides author's identity 11/30/2020

Wants you to search for a YouTube clip. 

Confirmed Phish

[Ext] Payroll Error  11/17/2020

Greetings,  I will like to know if you received my previous message concerning the error from the payroll department. (Email coming from an address in France)

Confirmed Phish [Ext] Win $11k to fund your dream activity for your college club! 11/4/2020 We are giving $11,000 in funding to the best campus idea!
Being a college student is challenging right now....
Legitimate Email  [[Ext]  unlock access to your LinkedIn Learning account 11/2/2020 Email from UTK inviting you to use LinkedIn Learning
Confirmed Phish   [Ext] Subscription Auto-Renewal Alert   10/29/2020  This email is to inform you that your Subscription for your NETWORK Firewall is going to be auto-renewed............
Confirmed Phish [Ext] Required-Notification  10/29/2020 Password Expiry - Office-365

Last Published: Dec 3, 2021