Phish-Bowl

This page is your source for the latest phishing attempts (email scams) being experienced by the WVSOM community. If you receive an email you believe to be suspicious or fraudulent, check the "Recent Catches" below to see if the email is a confirmed phish.

To report a new phishing email forward the email including the headers to catchaphish@osteo.wvsom.edu. This account is actively monitored for new reports, once confirmed the email will be added to this page.

Recent "Catches"

Fake Quote Invite (known contact)[6-21-23]

The above email was from a known email address that had been compromised. Key signs were the language and lack of information requiring you to click a link to get any real information. The link itself can be seen to go to a non affiliated sharepoint.

Fake Office 365 Password Expiration [3-16-23]

The above e-mail include a malicious link stating that your Office 365 password has expired. Please note the blue bar message displayed in the image.

Fake Osteo Caller and Voicemall [3-20-23]

Beware of fake caller and voicemail stating they are with WVSOM.

Pending Helpdesk Messages [4-5-23]

The above e-mail is designed to trick the user into clicking the "View" button stating you have 3 missed important helpdesk messages.

Fake Money Deal [4-9-23]

Listed above is a fake e-mail stating she is the head of bank wanting to carry out 3.5M dollar deal. Please note the blue bar message displayed in the image.

Fake Salary Increase [4-9-23]

Listed above is a fake e-mail stating you are approved for a salary increase. Please note the blue bar message displayed in the image.

Fake High Importance Emails [6-27-23]

The above email states that there are 3 high importance emails failing to deliver to your mailbox. Please note the blue bar message displayed in the image.

Fake Compensation Policy [7-18-23]

Listed above is a fake e-mail asking you to review the compensation policy document attached.

Common Signs of Phishing Attempts:

Do you recognize the sender? Does the email address match the name of the supposed sender? Sometimes attackers will use a name that's familiar to you but the email address is something completely different. When in doubt, call or text the sender about an email you are unsure of.
Are you named in the salutation or is it a generic "Dear User/Customer"? Attackers usually send messages out in mass with a one-size-fits-all greeting. If a trusted institution was trying to contact you they should know your name.
Are there spelling errors or instances of poor grammar? Many of these attacks originate abroad and are often perpetrated by cyber criminals that have poor use of the English language.
Does the subject and/or message body convey a sense of urgency or require immediate attention i.e. "Account Deletion Imminent"? Oftentimes, attackers will prey on your fears in order to make you rush to act quickly. Usually, if it's as dire as they say, the organization would probably reach out to you over multiple means of communication and should never ask for personal information (passwords, SSN, etc.) via email.
If it appears too good to be true, it probably is. You cannot win the Public Cleaninghouse Lottery if you've never played.
Be wary of links in suspicious emails. Attackers can make links appear different than where they actually lead. For example, this link looks like it would take you to Google: https://www.google.com but this link actually leads to our homepage. Hovering over the link should tell you the actual destination in either the lower left or right corner of your browser.
Be careful of attachments. You should only open attachments you are expecting. Sometimes attackers will hide malware inside files that are named to be deceivingly tempting such as "Employee W2s". Remember, curiosity killed the cat.