Second-guess the job offer in your inbox: phishing attempts up 44 percent

A phishing email advertising a job opportunity, with a PDF styled after a University communication.
Vincent Etherton / The Daily Princetonian

An email recently hit Princeton inboxes with an enticing offer: lucrative remote internships supposedly endorsed by Peter Bogucki, a dean in the School of Engineering. The only problem — the dean never sent it.

The fraudulent message was the latest in a growing trend of phishing attempts targeting the Princeton community. According to data obtained by The Daily Princetonian from the Office of Information Technology (OIT), the University saw a 44 percent increase in unique phishing emails in 2024 compared to 2022, with a 186 percent jump in overall reports during that same period.

“Please do not respond to these obvious phishing attempts,” Bogucki wrote in an email to all B.S.E. students after the fraudulent email. “Some malefactor is sending email purporting to come from me … I have reported these messages to the Phish Bowl at our Information Security Office.”

In a follow-up email to the ‘Prince,’ Bogucki said this was the first time he had ever been impersonated in a phishing attempt. “This is a potential problem for my office,” he wrote. “If students come to believe [our messages] are phishing attempts, then they will ignore them.”

The Phish Bowl, Princeton’s public archive of known phishing emails, has logged over 2,000 unique phishing messages since 2022, with attacks becoming more frequent and more sophisticated. According to Milan Stanic, an OIT Information Security staff member, phishing reports have ballooned over the past four years.

The ‘Prince’ analyzed a dataset provided by OIT showing thousands of phishing attempts dating back to 2021.

Phishing emails will sometimes use fake research assistant positions or internships to lure students in. The subject lines of phishing emails received by the Princeton community over the past four years reveal a pattern: words like “urgent,” “account,” “password,” and “internship” frequently appear, with offers often designed to provoke immediate action or pique curiosity. 

Some scams also mimic the tone and design of official University emails. Many use Princeton-branded logos, slightly altered sender addresses like “support@princeton-edu.com,” and familiar copywriting.

“The attackers are getting better at impersonating real Princeton emails,” said Stanic. “They know students are more likely to click if it looks like it’s coming from a dean, a professor, or the financial aid office.” A recent phishing attempt advertising a research job opportunity even attached a PDF with a Princeton University letterhead and a signature from the “HR Department,” drawing more clicks at a quick glance.

The attacks come at all times of the day, but some times are more popular than others.

Emails spike sharply between 9 a.m. and 2 p.m., likely in an attempt to blend in with the normal flow of academic and administrative communication. Fewer attacks occur late at night, though some are sent during early morning hours, suggesting scheduled sends or overseas senders.

As phishing has evolved, Princeton’s approach has, too.

In response to the uptick in phishing attempts, the Information Security Office (ISO) recently announced changes to how suspected phishing messages are handled. In an email to all undergraduates on Thursday, April 10, the ISO announced that, as of this semester, phishing emails will skip the Junk folder entirely and be automatically dumped in Gmail’s Trash or Outlook’s Deleted Items folder. Spam filtering thresholds have also been lowered.

However, that added security might come at a cost. According to the email, “genuine emails may be inadvertently sent to Junk. The Junk folder should be checked daily for legitimate messages.”

Stanic noted that the ISO runs annual phishing simulations and security training for faculty, staff, and students. Short tutorials are available through Princeton’s own platform and more in-depth ones through LinkedIn Learning.

“University offices will never ask for personal information by email, nor would any reputable organization,” Stanic stated. “Be on guard — several University email addresses have been spoofed.”

Tuesdays and Wednesdays saw the highest number of phishing attempts across the board, potentially catching recipients off guard in the middle of a busy week. Weekends saw fewer phishing attempts, but no day experienced none.

Students are encouraged to be skeptical of urgent-sounding emails, especially those asking for personal data or quick clicks. Phishing scams often use pressure tactics, claiming an account will be suspended or that payment is overdue, to rush users into action.

“If something seems off, then they shouldn’t click on links or attachments,” Bogucki advised.

In response to the surge in cyberattacks, OIT has launched several initiatives to boost cybersecurity awareness. Faculty and staff are required to complete annual cybersecurity training, which includes simulated phishing exercises. Also, students have access to a 17-minute phishing awareness module.

“We’re trying to build a culture where everyone thinks twice before clicking,” said Stanic.

Students are encouraged to stay skeptical of emails that demand urgency or contain links to reset accounts or confirm payments. These pressure tactics are common in phishing scams.

To stay safe, OIT recommends hovering over links before clicking, checking sender addresses carefully, and forwarding suspicious emails to phishbowl@princeton.edu. 
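
What "checking sender addresses carefully" can look like in practice, as an added example that is not code from OIT or the ‘Prince’: the sketch below compares the domain in a From header against the University's real domain and flags lookalikes such as the princeton-edu.com address quoted above. The function names, the single trusted domain and all sample headers except that one are assumptions constructed for this illustration.

```python
from email.utils import parseaddr

TRUSTED = "princeton.edu"   # assumption: the only domain treated as genuine
BRAND = "princeton"         # token a lookalike domain tries to imitate


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to catch near-miss spellings of the brand."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_sender(from_header: str) -> str:
    """Return trusted, lookalike, display-name-spoof, unrelated or invalid."""
    display, addr = parseaddr(from_header)
    if "@" not in addr:
        return "invalid"
    domain = addr.rsplit("@", 1)[1].lower().rstrip(".")
    # Exact match or a true subdomain. The leading dot matters: a bare
    # endswith("princeton.edu") would also accept notprinceton.edu.
    if domain == TRUSTED or domain.endswith("." + TRUSTED):
        return "trusted"
    # Brand embedded in another domain (princeton-edu.com), or a label
    # that is one or two edits away from it (princet0n.edu).
    near_miss = any(edit_distance(label, BRAND) <= 2 for label in domain.split("."))
    if BRAND in domain or near_miss:
        return "lookalike"
    # Unrelated domain hiding behind a University-sounding display name.
    if BRAND in display.lower():
        return "display-name-spoof"
    return "unrelated"


# Constructed sample headers; only princeton-edu.com comes from the article.
SAMPLES = [
    "Engineering Office <someone@princeton.edu>",
    "support@princeton-edu.com",
    "it@princet0n.edu",
    "Princeton HR Department <jobs@example.org>",
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(f"{classify_sender(header):20} {header}")
```

A "trusted" result only means the address is spelled correctly. As Stanic notes, real University addresses have been spoofed, so this check says nothing about who actually sent the message.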

“The best way to stop phishing isn’t just technology — it’s teaching people to recognize the red flags,” Milan said. “If something feels off, it probably is.”

“Everyone just needs to be careful,” Bogucki wrote. “This is something that affects the whole community.”

If you’re unsure whether a message is legitimate, check the Phish Bowl before responding. And when in doubt, just don’t click. Because nowadays even a message from the Dean might not be what it seems.

Ark Bunyan is a contributing Data writer for the ‘Prince’.
