Alert: Beware of Fake Job Offers or Research Opportunities
Type Email Subject Messages include a variety of subject lines Content The beginning of the academic year brings an increase in phishing campaigns. Students are being targeted by phishing emails that include fake job applications or research opportunities and may appear to be from legitimate businesses. Often these messages ask students for personal information. A recent uptick in phishing attacks is being seen at institutions across the country. In addition, entities posing as Elon faculty may offer work programs in exchange for a “check” or “gift card”. These are common scams that seek to extort money from victims. Here are red flags to look for when you’re unsure if an email real or fake. Generic details: The email does not address you by name. Includes errors: The email contains grammatical or spelling errors. Unknown source(s): The message is from an email address that doesn’t match the company name or includes…
Read MorePhishing: Important: Access Denied IncidentID1176951
Type Email Subject Email subject line: Important: Access Denied IncidentID1176951 Content This is a phishing email that threatens loss of account access if a “revalidation” or “reset” action is not performed. The sender is an external (non-Elon) sender. Phishing messages often try to create a sense of urgency around an imminent account lockout action unless the victim visits a link. Often the link will send the victim to a malicious site that will ask for sensitive information, likely username and password, or some other personal information (address, phone number, banking information, etc.). The use of a QR Code makes inspecting the link particularly difficult for the victim. Always be cautious about accessing QR Codes from your phone or other devices as you may not know where the links will go. Visit the Information Security website to learn more about recognizing phishing scams. The content of the email is below. [QR…
Read MorePhishing: Store Evaluator Job Opening
Type Email Subject Email subject line: Store Evaluator Job Opening, Evaluator Job Application Content This is a phishing email appearing to be from an Elon faculty or staff member. The email appears to be a job offer and asks for personal information including name, address, and contact information. (screenshots below for reference). Please do not reply to this message as the attacker will use this information for malicious purposes. Phishing messages often try to solicit personal information in the promises of offering something, either money or a job opportunity. Personal information can also be used in future attacks as well. Visit the Information Security website to learn more about recognizing phishing scams. The content of the email is below. ATTN: Students/Staffs/Non-Staffs, I am introducing you to a part time opportunity, you can show interest and apply after reading. Opinion Outpost ®, a leading agency specialized in Global Customer…
Read MorePhishing: ITs University Email Out-of-Date
Type Email Subject Email subject line: ITs Content This is a phishing email appearing to be from Elon University IT Service Desk. The email claims that email account settings are out-of-date and must be updated. Recipients are directed to a malicious link login with their Elon username and password (screenshots below for reference). Delete this email and do not click on the link. If you have already submitted the form, immediately reset your Elon Account password and alert the Technology Service Desk at (336) 278-5200. Phishing messages often try to prompt user action through a false sense of urgency involving account maintenance or mailbox deletion. Recent phishing attempts have introduced a prompt to accept MFA call notifications as well. Elon strongly encourages the use of Duo push notifications to registered Duo devices over call prompts. Delete the email if you feel it is not legitimate. Visit the Information Security…
Read MoreAlert: Employee Assistance Program (E.A.P)
A phishing email with the subject Employee Assistance Program (E.A.P) offers money to ‘qualifying’ employees due to hardships from the COVID-19 crisis. This is a phishing scam sent to gather personal information including login credentials. Do not reply or click on the link within the email.
Read More