Phish of the Month
Recently, an email was delivered to UA users, supposedly offering employment. Here is a sample of this email:
From: notfrankwitmer[@]alaska[.]edu To proceed with the application, kindly text Professor Frank Witmer, Ed.D. at (XXX) XXX-XXX stating your full alias, email, department, and year of study about the job description and further application requirements. Best Wishes, Frank Witmer |
While the job in this email (and others like it) seem like a wonderful opportunity, this is not an authentic email from Dr. Witmer or the University of èßäÊÓƵ.
How this scam works
- The scammer poses as a reputable individual, usually a respected professor, that is offering a tempting employment opportunity.
- The scammer asks the victim to respond with a personal (non-èßäÊÓƵ) email.
- There is usually some reason they can't meet you in person for an interview, but despite this, the victim is still awarded the "job."
- There is an exchange of funds; often the scammer will send a check to the victim that is significantly larger than the amount agreed upon; the scammer asks for part of it to be wired or transfered via Zelle, CashApp, or other money transfer app. This can also manifest as the scammer sending a check to cover new "equipment;" the web store front is fake, but the money is sent to the attacker.
- By the time the money is wired and gone, the initial check has bounced, leaving the victim on the hook for the money they sent the scammer.
How can you tell?
In the past, phishing emails were less sophisticated, were riddled with misspelling and obvious grammatical errors. In the above example, the threat actor has done some research but has still included awkward phrasing and mistakes (we have formatted these items in bold).
Phishing emails use a few tactics to encourage you to act, such as:
- offers that are too good to be true
- things you might miss out on if you don't act fast (we underlined these items)
- negative consequences if you don't do what they tell you
- attempts to impersonate people who are known to you
Don't take the bait! Take a few seconds to scrutinize these emails and look for these
tactics before acting.
What should you do?
If you use Google Mail in the web client, please report these emails as phishing (instructions here: Alerting Google in this manner helps keep emails like these out of inboxes, as well as sending a notice to the OIT Security Operations team for further investigation.
Outlook user? Submit a report to mark these emails as dangerous.
As always, contact your local Service Desk if you need assistance!
UAA or call 907-786-4646 |
UAF & SW (OIT) or call 907-450-8300 |
UAS or call 907-796-6400 |