New Online Resource Helps Users Identify Phishing Emails

The Information Security team has created a new online resource to help University community members verify if they have received a phishing email — an email that looks official, but is actually a scam that tries to fool recipients into disclosing personal information. The Phish Tank provides examples of actual phishing emails that have been received at University of Rochester email addresses, including URMC.

Sample phishing emails are listed by subject line and the date they were first reported. Each example includes notes about how the email was determined to be a scam.

The Phish Tank includes emails from the most recent phishing attacks (June-July 2013) and will continue to be updated as new phishing emails are reported. To report a phishing email, forward the email as an attachment to

If you receive a suspicious email and you’re uncertain if it is a phishing attempt, check the Phish Tank to see if it has already been reported.

  • If it is there, do not click on the links in the email and delete it immediately.
  • If it is not there, contact the University IT Help Desk (275-2000) or the ISD Help Desk (275-3200) with any questions.