BEWARE: Phishing messages requesting reply by text
Phishing and scam email prime season is upon us. The new trend is to ask for responses by phone or alternative email to make it harder to track responses and to gain your trust. Hackers are also still capitalizing on COVID-19 by promising unexpected funds to launch new ransomware and malware attacks. The below are some phishing examples along with how to identify them and protect yourself from them.
This is a common example of a scam job offer requesting contact by phone. Some obvious signs that reveal this to be a scam include: 1) Strange From Address, 2) To Address is a random external user 3) Response by phone or email is requested and neither are official Siena contacts, 4) Siena doesn’t advertise for positions in this manner, 5) Offer to good to be true, 6) Multiple inaccuracies in body of email
This is a sample of a COVID-19 phishing scam with typical phishing elements including: 1) Strange “From Address,” 2) No recipient in the “To Address,” 3) A link to a non-Siena site that requires a non-standard Siena log-in to apply, 4) Simple offer too good to be true.
From: ERIC A. BREIMER <barhercarson@gmail.com> Date: Fri, Aug 26, 2022 at 3:26 PM Subject: SIENA RESEARCH POSITION. To: many-users@siena.edu Hiring Team at Allied Millennial Partners LLC College of Arts and Sciences. Department of computer Science. Siena college. There is a Pressing Need for Student Research Assistants at Allied Millennial Partners LLC, Siena college. The Hiring Team will be accepting interns remotely with a weekly pay of $350.00 as compensation for services. This Offer is Opened to Students from any department of the Institution and tasks can be carried out remotely. Slots are Limited and consideration will be given on a first come first serve basis. To Proceed with the application process, please contact Professor Eric A. Breimer. via email to prof.ebreimer@gmail.com or via text to 1(229) 329-4556 stating your full name, email address, department and year of study regarding the job description and further application requirements Best Wishes, C/O Professor ERIC A. BREIMER Hiring Manager at Allied Millennial Partners Department of computer Science. Siena college.
This is a sample of a COVID-19 phishing scam with typical phishing elements including: 1) Strange “From Address,” 2) No recipient in the “To Address,” 3) A link to a non-Siena site that requires a non-standard Siena log-in to apply, 4) Simple offer too good to be true.
From: Chen, Junting <jchen@qcc.cuny.edu> Date: Tue, Jun 28, 2022 at 2:59 PM Subject: Support Program for Employees To:</jchen@qcc.cuny.edu> The Employee Assistance Program has launched a Support Program to give financial assistance to all students, employees and families during the summer of 2022. The Employee Benefits Plan will provide $5,000 in financial support to students, employees and their families as part of the COVID-19 Support Plan. Applications are being processed and approved. Visit the Employee Benefits portal and sign in to complete and submit your application. Sincerely, *Junting Chen* Employee Benefits Program
This is a sample of a COVID-19 phishing scam with typical phishing elements including: 1) Strange “From Address,” 2) “To Address” is actually to another user with the author’s name 3) Unexpected job offer from select list and “university is aware of everything,” 4) Requesting information and alternative email, 5) High paying job for making payments at Wal-Mart, 6) Simple offer too good to be true.
From: Renelt, Miranda <md24rene@siena.edu>
Date: Fri, Aug 26, 2022 at 1:26 PM
Subject: SIENA JOB PLACEMENT
To: Dr:Daisy Johnson <rudyj3694@gmail.com>
Dear Student,
I'M Daisy Johnson, I work as a clinical counselor for the Department of Disability of Health and Human Services DHHS.I provide individual and group therapy as well as coaching assessment, and academic screenings to support students with and psychiatric disabilities, among others enrolled with the DHHS..
A great percentage of the students served by this mental health unit have psychiatric or co-morbid psychiatric disabilities and need mental health support to be successful at the university. As such, the unit provides the required mental health support while seeing and assessing undiagnosed university students with Academic difficulties through the academic screening and assessment process. Alongside that, I am the director of the supervision, training, and coordination of Counseling Psychology and Clinical Psychology graduate students of the United States who have practicum at DHHS and APA-accredited school psychology predoctoral internship.
You have received this email because you have an offer from the University Office to work with me...
Should you choose to accept the offer you'll temporarily act as my personal assistant while we help students with disabilities who are frustrated with ignorance and the lack of services. To satisfy whatever curiosity you might have, I care about animal welfare, arts and culture, children, civil rights and social action, education, environment, disaster and humanitarian relief social services, and lots more.
This is a very simple job. You will only help me mail some letters, make a few payments at Walmart, and purchase some items when needed. This Employment only takes an hour a day, 2-3 days a week, for $700 weekly. I cannot meet up for an interview because I am currently away, helping disabled students in Australia. Nevertheless, you will be paid in advance for all tasks done on my behalf. Some of my letters/mail will be forwarded to your residence or nearby post office for you to pick up at your convenience. Upon my arrival, we will discuss the possibility of making this a long-term employment if I am impressed with your services while I am away.
I got your email through a shortlist from the Human Resources Department to give out jobs to a few students at your university. The university is aware of everything.
Kindly hand over the below Information to apply:
Names:
Address:
Phone Number:
Age:
Alternative Email Different from School Email:
"I'M EAGERLY AWAITING YOUR RESPONSE."
BEST REGARDS
DR:DAISY JOHNSON
How about a message from our Siena President?
Yes, we have had a lot of fake messages purporting to come from President Chris Gibson. Thus far, the sender’s email addresses have been obviously fake and not from cgibson@siena.edu. They also incorporate a lot of the same tricks we’ve seen in the past such as Hi are you available? or Hey can you help me out with this? Be aware that these scammers take the time to read our web site and the news and they will target us with specific information or people’s names!
How Can We Prevent Phishing Attacks?
ITS is constantly trying to educate our community and protect against these attacks. A layered approach to cybersecurity is a prudent way to reduce the risk of attacks from various vectors. Here are some tips:
- Question communications you receive. Can you trust and validate you are communicating with someone you trust?
- With the prevalence of coronavirus-related phishing schemes, be cautious and suspicious of emails (look for spelling and grammar errors, check the sender’s email address, does the message make sense or is it out of the ordinary )
- Pay special attention to who sent the message and where your replies are addressed to. Do those email addresses make sense for a legitimate business?
- Ensure your operating systems are updated regularly with security patches (hopefully automatically)
- Use and update endpoint anti-virus, anti-phishing, anti-spam and anti-malware tools
- Heed attention to Google banners and warnings about viruses and reported phishing alerts
- Contact ITS if you suspect you fell for a scam or got infected as soon as possible
Use your best judgement when reviewing all email and phone calls and if you ever have a question on the legitimacy of an email you can always contact the ITS Help Desk.