Notification for uthscsa

July 28, 2022

This one keeps coming up and it is so dangerous, it needs to be put at the top of the list. This is an attempt to steal credentials from the recipient. They use “password expiring soon” to provoke a sense of urgency, hoping the sense of urgency will inspire the recipient to act without thinking […]

Assistant position or Employment Services

July 28, 2022

These emails have two malicious intents. In some cases, the PDF has malicious code designed to download a virus to the recipient’s computer or device. The virus then sends the same email to everyone in the Global Address List (GAL), so others will think the email came from someone inside the university, adding legitimacy. It […]

Reaching Out

July 26, 2022

A number of people reported this email to the Phish Bowl. If someone replies to this email, they will be asked to either give personal information about themselves or buy virtual gift cards. Thanks to all who flagged it. The email from Kathy’s Stamps n Signs explained they were hacked and their email account was […]


July 26, 2022

This email looks like it came from a member of our organization, but a scammer is using the name in an attempt to trick people into replying back. It seems harmless enough, but just replying back can tell the scammer they have the email address of someone who can be scammed. If I were to […]

Total Due

July 26, 2022

This email is not legitimate. There are 4 red flags. If you receive an email similar to this, delete it. The From field shows Xerox but the email address after it is not a account. The email is coming from a domain that gives away accounts like or, not a company’s domain […]

Document shared with you: “ADMIN EVALUATION FILE”

July 26, 2022

This is an example of Spear Phishing. The scammers know Dr. Henrich is the president of the university and having his name in the message might persuade people to click the Open button without really thinking it through. The email address it came from has nothing to do with our university and was probably a […]

Office365Alerts: Mail delivery failure

July 14, 2022

This email is designed to trick a person into clicking the View Messages link. It initially looks like it came from Microsoft but the email above the banner, “*EXTERNAL EMAIL*” shows the actual email address is from a domain named Hovering over the “View messages” button shows it will not take the clicker to […]

Employee Appraisal

July 14, 2022

This email is fraudulent. Hovering over the link shows the site is This is either going to be a phish or will download a virus to the computer. If you receive an email similar to this, delete it. Employee performance review email notifications for UT Health SA will come from UT Health Human Resources. […]

Part-time Job Opening (WHO)

July 12, 2022

The attachment might have a virus, which will be downloaded onto the computer or device, if opened. IT is working to remove this email from everyone’s mailbox. However, there are different versions of this same scam. If you receive an email similar to this, delete it. This particular email came from someone at our university […]

State Retirement or Benefits Email

July 8, 2022

This email is coming from a domain named is gathering email addresses of public entities’ employees and utilizing phishing techniques to acquire personal information and trick people into utilizing their retirement services. Technically this is spam but it is done in such a deceitful manner that it delegitimizes their service. Due to their […]