A round fishbowl with red goldfish
The UVM Phishbowl is designed to help members of UVM’s community identify phishing scams and report suspicious emails. A phishing scam is an attempt to steal your UVM credentials (your NetID and password) or other important personal information.

Below are emails that have been reported by the UVM community. A red X means it’s a scam, and the smiling green fish means it’s safe.

  • If you've received an email that seems suspicious and you don't find it here, please forward it with its headers intact to abuse@uvm.edu for review by the Information Security Office.
  • If you have spam (i.e., unsolicited commercial email that does not appear to target your personal information) that has eluded our spam filtering system (a false negative), please forward it with its headers intact to is-spam@uvm.edu.
  • Likewise, if you see a legitimate message in your Junk Email folder (a false positive), please forward it with its headers intact to not-spam@uvm.edu.

For more information about UVM's anti-spam, anti-malware, anti-phishing service, please see our Proofpoint Spam Filter Knowledge Base article.

ATTENTION!!! - received May 25, 2022

This phish is trying to scare you into entering your credentials to avoid termination of your account - a common tactic for phishing emails.

Your Password Will Expire Today! / UVM Mail Compromised! / Technology Services. - received May 21-22, 2022

None of these emails from this weekend trying to get you to enter your UVM credentials to fix an "urgent issue" are legitimate.

"Password will Expire today!", "Mail Notice!", "Urgent Notice!" - received April 27, 2022

Three subject variations, but all the same content that attempts to induce you to visiting a non-UVM website and enter your NetID and password. As always, be sure to always take a look at the address bar before entering any sensitive information into a website.

 

Password expiration phish

"Mail Notice!" - received April 25, 2022

You've seen this before...last week, even! Needless to say we wouldn't send you to a squarespace address to address anything important with your account.

 

"Mail Notice!" phish

 

Suspension Notice - received April 18, 2022

It is unfortunately quite easy to fake the "From" address on emails. Always be sure to check where the email is trying to send you by hovering over the link and avoiding it if it's not a "uvm.edu" address.

"Information@uvm.edu" - received March 11, 2022

You're on Spring Break, but the scammers aren't! Here's the latest phish:

'information@uvm.edu' phish

"Emergency" - received February 25, 2022

More of the same...as always, if it makes you feel fear, uncertainty, or doubt it's worth an extra dose of skepticism.

Emergench phish

"UVM Mail Deactivation", "Information Desk Office", and "CONFIRM ACCOUNT" - received February 24, 2022

We've received several variants of this phish, all sent from the same compromised UVM account, and all with the same threat of mail account deactivation. Needless to say you have nothing to worry about (unless you follow the link and enter your personal information).

UVM Mail Deactivaton phish

"EMERGENCY" - received February 16, 2022

This looks familiar! It's a continuation of the campaign that has been targeting UVM and several of our peers for the last couple of weeks, and unfortunately it continues to yield more compromised accounts.

EMERGENCY phish

 

"Help Desk" - received February 14, 2022

Here's yet another entry from this ongoing campaign, this time trying to compromise your account by preying on your fears about your account being compromised!

Help Desk Phish

"Help Desk" - received February 9, 2022

Not to worry! You didn't request that your account be deactivated, and we wouldn't ask you to enter your password in a Squarespace site in any circumstances.

"Help Desk" phish

Your mailbox storage - recevied February 7, 2022

New year, same old illegitimate threats about your mailbox being full! As always, hover your mouse over the link to see where it will really take you.

your mailbox storage phish

"KEEP SAME PASSWORD" - received January 17, 2022

Several recent phish have led you to a Google Doc - just because Google is hosting it, doesn't mean it's safe.

KEEP SAME PASSWORD phish