Information Security: Phish Tank

PHISH TANK

A list of Phishing Scams to be aware of and avoid.

APRIL 08, 2025  - BEWARE of this current scam.
notice the gmail address of the sender...
click for large version

current phish scam screenshot of fake 抖阴短视频 QRC attention for security upgrade

MARCH 2025 - CURRENT SMISHING SCAM

What is Phishing

This page is updated periodically for your review and safety.

For more TIPS (what to look out for) and HELPFUL INFO based on these and related scams to be aware of, go to PHISHING. If you think you've received a phishing email or scam, report it to security@binghamton.edu.

Contact the ITS Help Desk at 607-777-6420 or submit a . SEE images below so you know to avoid these scams.

Discover phishing scam trends/examples below...

KNOW HOW TO SPOT A SCAM

1. Check the below email on how to spot a phishing scam.

Image on how to spot a fake University scam through email and what to lookout for like informalities, grammar errors, no B-mail address...

 2. DON'T FALL FOR IT - 抖阴短视频 never sends campus emails out that include a QR code.

3. Be cautious with Google Group messages.

Spring 2025

Recent SMISHING scam - notice the mistakes and the fact that we never would send a text such as this from the ITS Help Desk.

Smishing (SMS TEXTING) scam screenshot that appears to be from ITS saying you have been opted to shutdown your email. When in doubt, contact the Help Desk, then report the smishing text.

Below is a very recent phishing scam from March 2025
Fake Job phishing new career opp. email that sounds too good to be true. Notice the awkward wording, and non Binghamton U email address!

February 2025 recent phishing scam
Keep in mind at all times to never give your personal information to ANYONE - notice the gmail account and strange wording/request below, and it appears to be regarding our campus president? This particular scam is very repetitive.

recent phish scam supposedly regarding Univ. president with odd wording and repetitious

Summer 2024

JUNE 26, 2024
To the Campus 抖阴短视频:

Malicious actors utilizing remote access phishing scams have been targeting individuals across the country, including those attending or employed by 抖阴短视频.

read more

Spring 2023

JAN 18: Be on the lookout for campus payment request scams. Never click on any links in an email such as this. What stands out as a scam? 抖阴短视频 will never send out emails with a self service payment portal. 

When in doubt, report the email to security@binghamton.edu, and/or send a copy to the Help Desk. Contact the proposed sender in a separate email for assurance, or phone the department it seems to be coming from.

1. The first example usually comes first, followed by the second one below that making it sound more urgent.

An image related to a campus payment (overdue) request scam. ITS NEVER sends these types of emails!

2.Another image related to a similar campus past due payment request scam.

Fall 2022

1. Watch out for withdrawal/fund related emails with attachments.

An image related to a fake withdrawal hoax scam. Noticing the external email address and unfamiliar initials and sense of urgency. Bing U never sends emails out like this.

2. Be on the lookout for fake professor attachment emails!

An image related to a fake professor email attachment scam - notice the gmail email address and never click on attachments.

3. Be on the lookout for impersonation and campus job scam emails!

SPOT the differences. You'll notice it's external mail, NOT from a Bmail address and the body has poor layout and typos. It also has an unrealistic pay rate or false information.

An image related to an impersonation scam with external email address.

An image related to a fake campus job scam with external email address - avoid!

4. Avoid Student Loan Scams

You never have to pay for help with your federal financial aid or student loans. Learn more about how to avoid scams and understand which companies and claims are legitimate. .

5. Beware of the Neverending Computer Tech Bill Scams!

Notice the attachment invoice? They try to lure you in by clicking on the attachment. See the email address is a gmail account, and not a business? NEVER click on an attachment from anyone unless you're totally sure it is legitimate. Chances are in this case, you did not do any business w/ GEEK SQUAD in the first place.

An image of a scam related to computer tech bill scams.

May 2022

1. This particular scam is quite popular appearing as BestBuy, Norton and other companies like this one. If you think you may have dealt with this company before, lookup their actual phone number and call them. As you can see here, the first alert that this is a definite scam is the sender's email address (GMAIL) and the strange name, and the fact that they used a bcc. REPORT/DELETE!

An image related to a Geek Squad scam.

2. This phishing scam tries to play on people's concerns of COVID - but keep in mind this is lacking just enough information to draw you in and trick folks. NEVER click on attachments unless you're certain it is safe. As you can see the email address is NOT a Bmail address.

An image related to a COVID fake test results scam.

3. This next scam is one that's been used by attackers that have compromised some 抖阴短视频 accounts. They're sending the messages through Sharepoint or OneDrive in office.com - so be extra cautious! The University President will NEVER share a file with any students via email.

An image related to a scam email impersonating the university president.

April 2022

Job scammers are getting creative, but we know better. See screenshot of recent job scam below, and review the browser in browser scam. Never click on any attachment unless you are sure it's legit. 1. Look at the sender's address. 2. Notice the  numerous email addresses this is being sent to - not professional. 3. Binghamton would not send out this simple unprofessional looking email for this type of event, and they would not ask you to fill out an attachment.

recommends: In an email, be suspicious of all links, attachments, and login windows. Open up a new browser window to login at an address you type in.
Protect your account with google 2 step.

NEWLY DISCOVERED PHISHING METHOD NEARLY UNDETECTABLE:
Criminals constantly evolve their tactics to offset cybersecurity attempts to ruin their payday 鈥 and a newly discovered method is especially troublesome. Many (most?) individuals access their personal email via a web browser 鈥 so it makes sense for this latest attack method to leverage a web browser 鈥渢rick鈥. The phishing scheme uses a 鈥渂rowser in a browser鈥 popup window for the victim to enter their authentication information 鈥 which seems legitimate, but turns out to be a hacker-generated skimming window instead. Go here for .

An image related to a job internship scam with an attachment. You should never click on attachments unless 100% sure.