Phishing, Security

Scam Emails Targeting Campus Accounts

Campus accounts have been targeted by a few scam and phishing emails this week. Examples are provided below. Do not reply to these emails or click on the links.

Unsolicited job offers are likely to be scams, especially if they’re offering to pay $150+/hour. Do not reply to this email and be cautious of requests for your personal information.

If you clicked on a link and provided your credentials, use Account Center (via the Portal) to reset your password.

ISEC was able to remove scam emails from campus mailboxes, and the links used have been reclassified as phishing and blocked on campus networks. Any campus accounts used to send these messages have had their passwords reset.

Phishing, Security

Cybersecurity Month, Week 4: When Criminals go Phishing, Don’t Take the Bait

Week 4 is all about identifying phishing. Phishing is when criminals use fake emails to lure you into handing over your personal information or installing malware on your device. It’s easy to avoid a phishing email, but only once you know what to look for.

You can find more information about Week 4 of Cybersecurity Month at https://www.csuchico.edu/isec/2022-cyber-security-awareness/week4-cyber-security-awareness-2022.shtml

Phishing

Phishing Scam Alert

ITSS has received reports that campus employees have been targeted with phishing attacks. These attacks have used email and SMS text messages, posing as campus employees requesting assistance.

Example of the text sent to employees:

Are you available . I am at a meeting and limited to calls, but I am good to go with texts if that works. Need you to handle a task.

Typically, these types of attacks request help with obtaining gift cards. An example of a previous version of this scam is detailed at https://itss.csuchico.edu/2020/06/04/campus-spearfishing-attack/

If you receive a suspicious message, delete it without responding, or directly verify with the sender that the message is legitimate. More information about phishing scams is available at https://www.csuchico.edu/isec/resources/avoid-threats/spam-phishing.shtml

Phishing, Security

Ransomware Alert

The LA Unified School District experienced a debilitating ransomware attack over the weekend, and several advisories released this week have reported similar events targeting the education sector. Our Information Security Team and various other Division of IT Teams are actively monitoring the situation and staying up to date with the compensating controls recommended by the cybersecurity community. As details evolve, we wanted to share some helpful tips:

  • Be cautious of unexpected emails and emails from unknown senders. If an email seems suspicious, verify its legitimacy with the sender or with ITSS before providing information or clicking on any links. Phishing is the primary method for ransomware attacks. More information about phishing is available at https://www.csuchico.edu/isec/resources/avoid-threats/spam-phishing.shtml
  • Store files in a secure location. Box is the approved cloud-based content storage and collaboration service for university staff and faculty. More information about Box can be found at https://support.csuchico.edu/TDClient/1984/Portal/KB/?CategoryID=2877
  • Make sure your computer has system updates installed. Campus-managed computers have system updates installed automatically.
  • If you have not already done so, consider enabling multi-factor authentication for personal accounts used for finance, email, and social media services. Popular options include text message verification, Face ID, or Google Authenticator.

NPR’s reporting on the incident can be found at https://www.npr.org/2022/09/07/1121422336/a-cyberattack-hits-the-los-angeles-school-district-raising-alarm-across-the-coun

Phishing

IRS Warns Universities of Scam

The Internal Revenue Service warned of an ongoing IRS-impersonation scam that appears to primarily target educational institutions, including students and staff who have “.edu” email addresses.

The IRS has received complaints about the impersonation scam in recent weeks from people with email addresses ending in “.edu.” The phishing emails appear to target university and college students from both public and private institutions.

The suspect emails display the IRS logo and use various subject lines such as “Tax Refund Payment” or “Recalculation of your tax refund payment.” They ask people to click a link and submit a form to claim their refund.

The phishing website asks taxpayers to provide their:

  • Social Security number
  • First Name
  • Last Name
  • Date of Birth
  • Prior Year Annual Gross Income (AGI)
  • Driver’s License Number
  • Current Address
  • City
  • State/U.S. Territory
  • ZIP Code/Postal Code
  • Electronic Filing PIN

If you received a phishing email, delete it without clicking on links or replying.