Phish Tank


Cyber criminals use a variety of tricks to disguise themselves as legitimate companies, your colleagues, and people you would normally trust. Make sure you know who you are really communicating with and be careful of suspicious links. Phishing is a kind of Social Engineering attack in which a bad actor poses as a trusted or reputable source and sends fraudulent emails with the intent of manipulating individuals into revealing personal or protected information, or with the intent of gaining unauthorized access to a system through a download or link.

The Phish Tank is a compilation of recent emails that were reported to GSC Information Technology and have been verified as malicious phishing attempts against our college. If you receive a suspicious email that appears to be a phishing attempt, please forward it to If you mistakenly provided credentials to a phishing email, please change your network password immediately.

Tips to Avoid Being a Victim of Phishing

  • When in doubt, throw it out: Links in email, tweets, posts and online advertising are often how cybercriminals try to compromise your information. If it looks suspicious, even if you know the source, it’s best to delete.
  • Be wary of communications that implores you to act immediately, offers something that sounds too good to be true or asks for personal information.
  • Don’t reveal personal or financial information in an email, and do not respond to email solicitations for this information. This includes following links sent in email.
  • Pay attention to the website’s URL (hover your mouse over the URL to identify the “real” link – it should appear in the tooltip). Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com versus .net).
  • Most phishing emails will contain bad grammar or misspelled words (the email that was sent below is a good example)
  • If you are unsure whether an email request is legitimate, try to verify it by contacting the person/company directly via phone. Also, search for the company online – but not with information provided in the email.

Phishing Examples:

phishing email 10-29-2018

2018-10-28 | Phishing Message

Subject: URGENT or Hello

Are you Available?

Sent from myMail for iOS



2018-09-25 | Phishing Message

Subject: Re: Re: new sections

Unable to display this message

[link]: Click here to open this message



2018-08-23 | Phishing Message

Subject: Dennish Brown Has Shared a file with you


Please find the file I sent using OneDrive and let me have your opinion upon review

Dennis Brown
Enterprise Project Manager



2018-05-13 | Phishing Message

[Attachment] One Drive.2docx(4).docx


Please find attached the Look Ahead files for Friday 11 May 2018

Thank You





2018-04-10 | Phishing Message

Subject: Employee 2018 Policy Updates

Hello. Kindly [link] Sign In and review our Employee 2018 Policy Updates.


Admin © 2018 ADP America, Inc. All Rights Reserved



2018-02-28 | Phishing Message

Subject: Kind Assistance

Good morning,

Hope my mail find you well?
Kindly assist me transfer $560 into my attorney bank account stated below and forward to me the receipt.
Bank Info:
Bank Name: Chase Bank
Account Number: 951375885.
Account Name: Donna maiello.
Routing Number: 267084131.
Bank address: 19001 Bruce b downs Blvd Tampa,Fl 33647. USA

I would request your bank details next week and refund back.
Thank you.


2018-02-08 | Phishing Message


Dear User,

This is to inform you that microsoft Outlook will discontinue support on

your account and security and you will no longer have access to many of the latest

features for improved conversations, contacts, and attachments.

Take a minute to update your account for a faster, safer and full-featured

Microsoft Outlook experience

[Link] Update Your Account

sincerely Team

Microsoft respects your privacy, [Link] review our online privacy statement