Other ways to search: Events Calendar | UTHSC

Cybersecurity Scam of the Week – Top 10 Email Scams – And We’ve Seen Most of These on Campus


Instead of a specific scam this week, let’s review the top 10 scams for 2023. Most of these will look familiar, as they have ended up in people’s inboxes and reported to Abuse. “Why can’t we stop these?”, you ask. We do as soon as they are reported, but scammers are getting increasingly proficient in making their phishing attempts look legit.

The first eight we’ve seen reported to Abuse:

  • Payroll Diversion – Asks to change their bank account, payroll, or direct deposit information.
  • Request for Contact – Asks for the recipient’s mobile number or personal email address.
  • Task – Requesting assistance for urgent tasks or favors.
  • Availability – Very short emails asking if the victim is available, at the desk or at the office.
  • Invoice Transaction – Fraudulent emails about overdue invoice statements.
  • Gift Purchase – Talks about surprising employees with a gift, usually asks the recipient to buy a gift card.
  • Wire Transfer – Orders the recipient to prepare a certain amount of money for a wire transfer.
  • Request for Document – Requests for a copy of an aging report, W2, or vendor list.”

To round out the top 10, these two are HR scams:

  • HR: Important – New Return To Office Policy
  • HR: Please update your W-4 for our records

Scammers use various free email services, particularly Gmail accounts, to launch these attacks. Be cautious of any emails you are not expecting and verify the email address is legitimate. 

What has been reported to abuse@uthsc.edu this past week?

  • [Ext] (No Subject line from an external email address) – this phish spoofed the name of someone on campus but used a gmail.com address to ask for a favor
  • [Ext] Inquiry – this phish originated with a German email address wanting a reply so that a purchase order could be sent
  • [Ext] FW: Q167945 – NEW PROJECT – this phish wanted the recipient to click on a link to view some files
  • [Ext] Completed Scanned Estimate(Ref- Payment Notification #72466) – this phish attempted to look like someone was sharing files via SharePoint

Keep reporting suspicious emails to abuse@uthsc.edu for examination. If you wish to report an incident to the Office of Cybersecurity, use TechConnect.