Skip to Main Content

Phishing Examples

Below are examples of phishing scam attempts.




Date Reported: 29 October 2013


From: Canvas []
Sent: Tuesday, October 29, 2013 12:45 PM
To: Recipients
Subject: New Form


You have received an Important Course Form posted through the Canvas Learning System.

Please sign in now to view.

Click here to sign in

Thank you,

Canvas Learn.



This email seems convincing because it mentions Canvas.  However, official emails from UNF will always come from a UNF email address.  This email is immediately suspicious since it does not come from a valid UNF email address (such as  Finally, it is a good practice to copy links in emails into the web browser to verify that it points to a UNF address.


Examples of Phishing scam attempts


Date Reported: 24 February 2012


From: Carlone, Karen M. Prof. [] 

Sent: Friday, February 24, 2012 8:24 AM 

Subject: Mail Access Maintenance!  



All services, including Internet, Email, and Canvas will upgrade within 48 hours. 

Please click:

Thank you for you patience as we update our systems. 



IT Maintenance Team 




This email also seems convincing because it mentions Canvas.  However, official emails from UNF will always come from a UNF email address.  This email is immediately suspicious since it does not reference UNF anywhere.  Finally, it is a good practice to copy links in emails into the web browser to verify that it points to a UNF address.


Date Reported: 29 July 2010

From: Florida State University []
Sent: Thursday, July 29, 2010 12:00 AM
Subject: [SPAM] Dear Account Subscriber,

Dear Account Subscriber,
Account Server:

This Email is from the Florida State University administrative unit and we are sending it to every accounts user for maintenance/upgrade User security system. We are having congestions due to the anonymous registration of and accounts so we are shutting down some and accounts so your account needs to be re-upgraded due to this condition.

We are sending you this email so that you can verify and in order for safety and maintainance of your account. If you are still interested in being a and user please confirm your account by filling the space below.
Information would be needed to verify your account.

* Username: (................. )(Compulsory)
* Password: (..........................)(Compulsory)
* Date of Birth: (..........................) (optional)
* Country Or Territory: (..................) (optional)
* Security Question: (....................) (Compulsory)
* Security Answer: (.....................) (Compulsory)

Before sending your account details to us, you are advise to Login into this Link below:

NOTE: If your account do Login send us the details, if otherwise it means it has already been deleted. Sorry for the inconvenience this might cause you we are only trying to make sure you surf the net perfectely with our accounts.

All you have to do is Click Reply and supply the information above, your account will not be interrupted but only upgraded.
Thanks for your attention to this request.
Once again We apologize for any inconveniences.

* * * WARNING * * *

Account users that refuses to update his/heraccount after 7 Days of receiving this warning will lose his or her account permanently.

Unauthorized access to this computer is in violation of the Annotated Code, Criminal Law Article ? 8-606 and 7-302 and the Computer Fraud and Abuse Act, 18 U.S.C. ? 1030 et seq. This office may monitor use of its computing resources as permitted by state and federal law, including the Electronic Communications Privacy Act, 18 U.S.C. ? 2510-2521 and the Md.
Annotated Code, Courts and Judicial Proceedings Article, Section 10, Subtitle 4. Anyone using this system acknowledges that all use is subject to ( Policy on the Acceptable Use of Information Technology Resources available at:

Webmail Unit/Florida State University (



This email looks convincing because of the links to real FSU resources. No legitimate organization will ask for your credentials in an email.


Date Reported: 19 May 2010

From: Webmail Messaging Center []
Sent: Wednesday, May 19, 2010 7:37 AM
Subject: Dear Webmail Account Owner

Dear Webmail Account Owner,

This message is from the University Webmail Messaging Center to all email account owners. We are currently carrying out scheduled maintenance, upgrade of our web mail service and we are changing our mail host server, as a result your original password will be reset. We are sorry for any inconvenience caused.

To complete your webmail email account upgrade, you must reply to this email immediately and provide the information requested below.

E-mail Address:
User Name/Id:
Re-type Password:

Failure to do this will immediately render your email address deactivated from the University Webmail.


This E-mail is confidential and privileged. If you are not the intended Recipient please accept our apologies; Please do not Disclose, Copy or Distribute Information in this E-mail or take any action in Reliance on its contents: to do so is strictly prohibited and may be Unlawful. Please inform usthat this Message has gone astray before deleting it. Thank you for your Co- operation.

Copyright © 2010 University Webmaster. All Rights Reserved



The university will never ask for your credentials in an email. Also official emails will always come from a UNF email address.


Date Reported: 17 May 2010

To: []
Subject: Quota Alert ! ! !

Your mailbox has exceeded one or more size limits set by your administrator.

Your mailbox size is 102145 KB.
Mailbox size limits:

You will receive a warning when your mailbox reaches 90000 KB.
You cannot send mail when your mailbox reaches 100000 KB.
You cannot send or receive mail when your mailbox reaches 100000 KB.You may not be able to send or receive new mail until you reduce your mailbox size.
To make more space available,

Increase now

Failure To Click This Link And Validate Your Quota May Result In Loss Of Important Information In Your Mailbox/Or Cause Limited Access To It.





This email looks like the email you receive when your mailbox is at its size limit. However the official notification email does not ask you to click on a link to increase your quota. It is a good idea to copy links from emails into your web browser, and verify that the link is actually a UNF address. In this case the link is for a page not affiliated with UNF. Official University emails will always come from a UNF email address.


Date Reported: 4 March 2010

From: Postal Manager Irvin Powell []
Sent: Thursday, March 04, 2010 12:42 AM
To: Undisclosed-Recipients
Subject: UPS Delivery Problem NR.2895

Dear customer!

We failed to deliver the postal package which was sent on the 3rd of January in time because the addressee's address is not correct. Please print out the invoice copy attached and collect the package at our office.

United Parcel Service of America.



This email has a ZIP file attached that you are asked to open and run the executable inside. The executable is a backdoor virus that starts downloading more malware onto your computer. It also steals credentials to bank accounts and other sites. As a general rule, never open attachments from senders you don't recognize.


Date Reported: 2 March 2010

From: Webmaster []
Date: March 1, 2010 9:36:02 PM EST
Subject: Mailbox Shutdown Notification

You are expected to verify your email account to avoid mailbox shutdown :

Login Username:
Login password: **************

To avoid shutting down of your mailbox which could lead to loss of your important files on our server,you must send these details on receipt of this message.

Thank you very much.




Official emails from ITS will always come from a UNF email address. The University will never ask you for your password. Never give your password to anyone, even in an email.


Date Reported: 6 February 2010

From: WEBMAIL Maintenance []
Sent: Saturday, February 06, 2010 9:46 AM
To: undisclosed-recipients
Subject: WEBMAIL Maintenance Notice WEBMAIL Maintenance Notice
Dear WebMail User,
This message is from WEBMAIL messaging center to all Email owners. We are currently upgrading our data base and e-mail center. We are deleting all unused WEBMAIL USERS to create more space for new ones and also increasing the storage space. To prevent your account from closing, you will have to update it below so that we will know that it's a presently used account. CONFIRM YOUR EMAIL BELOW.BY CLICKING ON THE LINK BELOW

However, failure to comply may result in temporary webmail suspension. Please understand that this is a security measure intended to help protect you and your mailbox.



Official emails from ITS will always come from a UNF email address. Also please note that the link included is not a UNF link, but is actually a link to a Chinese website. These emails usually try to trick the user into clicking on the link and entering their credentials on that page. After that happens their accounts become compromised and any number of bad things can happen. If you put your information into a page like this change your password immediately.


Date Reported: 17 November 2009

Sent: Tuesday, November 17, 2009 9:15 AM

Attn: Sir/Madam

Sgt. JOHN SMITH here, a US soldier serving in the peace keeping mission in Iraq. I am in dire need of your assistance.

I am making a concealed request to you for an assistance to move some funds (totaling US$8.5 Million) for safe keeping.

The money in question was discovered in some barrels at a farm house near one of Saddam's old palace in Tikrit-Iraq during a rescue operation. You can read more stories of funds discovered here by following this link

I took some of this money for myself before disclosing it. You'd probably wonder why, but no compensation can make up for what we have been doing here.

I am sincerely hoping that you are a honest person who can be of help to me. I should be returning back to the US after our assignment here in Iraq elapses. I am proposing 20% of the entire sum to you for your cooperation and assistance.

Importantly, I plead that this information be kept confidential.

I have been able to get the money out of Iraq in a box to a temporary location through our colleague here who is with the British Army. The content of the box was undisclosed.

Expecting a positive response.Please get back to me via (


US 3rd Infantry Division.



This is a very interesting twist to an old theme. Not only does the sender promise money, he also appeals to you by pleading for an honest person.

Things to look for in emails like this are: 1. The sender asks you to reply to a different email address than the address it was sent from. 2. You are being asked to participate in an illegal activity. At the very least the sender is trying to get your bank account information. This could also be an attempt to involve you in a money laundering scheme.

This particular email appears to have originated in China, not Iraq.

Please note the name of the sender has been changed,and email addresses removed in the interest of privacy.


Date Reported: 1 November 2009

From: System Administrator []
Sent: Sunday, November 01, 2009 3:45 PM
Subject: Your mailbox has exceeded the storage limit

Dear Webmail Account User,

This message was sent automatically by a program on Webmail admin center which periodically checks the size of inbox, The program is run automatically to ensure no user inbox grows too large. If your inbox becomes too large, you will be unable to receive new emails. Just before this message was sent, you are currently running on 20.9 GB, You have has exceeded the storage limit which is 20GB.

To help us re-set your Account SPACE on our database prior to maintain your INBOX, you must reply to this e-mail providing us your the Below information:

E-mail ( ... ... ... ... ... ... ... ... ... ... ... ... ... ...... ... )
Username/ID ( ... ... ... ... ... ... )
Current Password ( ... ...... ... ) Retype Password: ( ... ...... ...)

From this point you will be unable to receive new email as it will be returned to the sender, Provide the above information to enable us help reset your webmail immediately.

NB: Your Webmail Account Expire in Three (3) Days. After you read this message, it is best to REPLY with the required information to upgrade MailBox. Reply to this message immediately to Re activate your Account.

Thank you for your cooperation.
Webmail Help Desk. System Administrator



UNF will never ask for your password in an email. Official emails from the university will always come from a email address.


Date Reported: 1 September 2009

From: "Account Upgrade"[]
Date: September 1, 2009 7:49:45 AM EDT
Subject: Attention Email Account holder

Attention Email Account holder,

This message is from the Database Information Technology service messaging center, to all our e-mail account holders. All Mailhub systems will undergo regularly scheduled maintenance. Access to your mailbox via our mailportal will be unavailable for some period of time during this maintenance period.

We shall be carrying out service maintenance on our database and e- mail account center for better online services. We are deleting all unusede-mail accounts to create more space for new accounts.

In order to ensure you do not experience service interruptions/possible deactivation Please you must reply to this email immediately confirming your email account details below for confirmation/identification

1. First Name & Last Name:
2. Full Login Email Address:
3. Username & Password:
4. Confirm your Current Password:

Failure to do this may automatically render your e-mail account deactivated from our email database/mailserver. to enable us upgrade your email account, please do reply to this mail.

Upgrade Team



UNF will never ask for your password in an email. Official emails from the university will always come from a email address.


Date Reported: 28 August 2009

Sent: Friday, August 28, 2009 8:24 AM
Subject: Dectivation of Account

This is to inform you that we would be performing maintainance in our web database and this might cause some interuptions when checking your mail and sending of mails from your account, to avoid your mail account from been effected, you are advised to reply to this mail with your valid password attached as this would enable us upgrade your account.

Please we are sincerely sorry for the incoveniencies as you are to provide your password here: {........}. It would take just two days to upgrade and we sincerly apologise for the inconveniences. Thanks for using our mail.



UNF will never ask for your password in an email. Another thing to look for is a large number of misspelled words.


Date Reported: 20 August 2009

Sent: Wednesday, August 19, 2009 4:53 AM
To: undisclosed-recipients
Subject: Your Mailbox Has Exceeded Storage Limit!!!

Your Mailbox Has Exceeded Storage Limit!!!

You may not be able to send or receive new mail until your mailbox size is increased by your System Administrator.

To help us re-set increase the size on our database prior to maintain your Mailbox, you must contact your system administrator via Email with these informations, to increase your storage limit automatically. You do not need to be present at our Office.

Username: ................

You will continue to receive this warning message periodically if your inbox size continues to exceed its size limit or between 18MB and 20 MB.



UNF will never ask for your password in an email.


Date Reported: 20 July 2009

From: Hepdesk []
Sent: Monday, July 20, 2009 11:29 PM
Subject: Red**Message**Alert

Dear Users,

We are currently carrying out maintainance on our web mail database, to complete this process you must reply to this email immediately, and enter your User name here (**********) And Password here(**********) if you are the rightful owner of this account.

This process we help us to fight against spam mails. Failure to summit your password, will render your email address in-active from our database as you shall be deleted from our database.

Thank you for Choosing! Help Desk.



UNF will never ask for your password in an email. Also the support center's email address is not UNF will not delete your email box while you are a student or employee of the university.


Date Reported: 29 June 2009

Sent: Sunday, June 28, 2009 7:25 PM

To confirm and to keep your account active during and after this process, please reply to this message with the below account informations to:



E-mail ID:

E-mail Password:

Date of birth:

Please note: This e-mail was sent from a notification-only address that cannot accept incoming e-mail. Please do not reply to this message except the WEBMAIL TEAM Email:




UNF will never ask for your password in an email. Any official correspondence from UNF will come from a unf email address and will ask you to reply to an email address. You will never be asked to send an email to a email.


Date Reported: 14 May 2009

From: []
Sent: Thursday, May 14, 2009 2:32 AM
To: UNF, Housing (HSG)
Subject: [Virus: Worm.Mydoom.M]

Dear user of,

Your account has been used to send a huge amount of spam during the last week. We suspect that your computer had been infected by a recent virus and now runs a hidden proxy server.

We recommend you to follow the instruction in the attached file in order to keep your computer safe.

Have a nice day,
The support team.




Never open any attachments if you do not know the sender.


Date Reported: 14 November 2008

Sent: Friday, November 14, 2008 10:30 AM


We notice that your webmail account has been compromised by spammers.They have gained access to your webmail account and have been using it for illegal internet activities.You are to send us your account information immediately to enable us reset your account.A new password will be sent to you once this is done.Send the information as follows

*User Name:
*Alternative email;

You are advised to send this information immediately or we will delete your acocunt from our network.

The UNF Help Desk




UNF will never ask for your password in an email. The support center's email address is not will not delete your email box while you are a student or employee of the university.


Date Reported: 2 May 2008

From: First Florida Credit Union Fraud Prevention []
Sent: Friday, May 02, 2008 9:37 AM
Subject: New Security Features To Our Customers

First Florida Credit Union Fraud Prevention Systems

This message has been sent to from First Florida Credit Union.

Dear Customer,

During the past days we noticed multiple fraud attempts aimed at our clients. In order to protect our customers we implemented new security features into our Online Banking and Fraud prevention systems.

We cannot directly administrate this new features without your permission and will, and in order to take advantage of these we have to be sure that you are the owner of the account.

Reasons we need you to verify yourself as legit owner:
1. Some security features might not suit your daily applications
2. In risky situations like these, some implementations might be over-reacting to your activity.
3. Some browsers may not support the new encryptions and security features.

That is why we need you to make this decission wether to be integrated as Protected Customer or not. This does not include any charge of any kind.

Features that will be activated along with your account:
1. Security Questions.
2. Double password.
3. Geographic Lookout for the origin of the computer.
4. In case of travelling and willing to access your account abroad please call us first.
5. Enhanced logging.
6. Better user-site encryptions.
..Many others..
To implement the security feature click here and follow the indicated steps.
* This measure has been taken only to protect our customers. We are sorry for the inconvinience it may cause.

First Florida Credit Union.




Your financial institution will never send you an email asking you to log in to update your account. These phishing attempts have a link for you to click on that takes you to a website that looks like your bank's website, and asks you to log in. When you do, the attackers get your username and password for your bank's real website.


Date Reported: 30 April 2008

From: Rev. Dr. Philips Weah []
Sent: Wednesday, April 30, 2008 6:35 PM

Zenith Heights
Plot 87 Ajose Adeogun Street,COTONOU
PHONE +229 9724 9475

This is to bring to your notice that, I have paid the mail delivery of your ATM.I paid it because the ATM Card 8119 $800.000.00.has less three days to expire and when it expires,the money will go into Government purse.With that I decided to help you pay the money so that,the ATM will not expire,because I know when you get your ATM definitely you must pay me,my money back and even compensate me for helping you.

Now i want you to contact Impex Courier Company with your Full Contact informations so that they can deliver your Card to your designated address without any delay. Like i stated earlier, The delivery charges has been paid but i did not pay their official keeping fees since they refused. They refused and the reason is that they do not know when you are going to contact them and dumourage might increase. They told me that their keeping fees is $95.

Below is their Contact Informations, Contact Person: Dr. Kenneth Ifezuo Impex Courier and Security Company Email:. Tel: +229 93840292 Contact Today to avoid increase of their keeping fees and let me know once you receive your Card.




Return to Phishing