Phishing

Phishing

  • Phishing11
  • Phishing222
  • Phishing333
  • Phishing41
 Phishing attempts this week             All recent phishing attempts

 

Is it phishing ?

Scammers and spammers know that people are busy and, most likely, will read their mail quickly with out spending much time looking at the message itself.  It is this characteristic that they are relying on when they send out these messages.  Identifying a phishing attempt can be easy, as long as you know what to look for and take your time to look at the message for the clues indicating it may be a phishing message. 

There is a difference between spam and phishing. Spam is unsolicited email, usually from someone trying to sell something and does not try to obtain personal or confidential information.  Other than cluttering up one's inbox, spam usually does no harm.  To control this type of mail simply flag the item as junk. 

What is phishing and is there more than one type?

Tips and identifying phishing

 

I replied to a phishing message - now what ?

It happens, you are busy, you just got back from a 2 week vacation and now have to catch up on all of that email in your Inbox.  Then it occurs to you, but a little too late, that last email ... something about it did not look quite right!  You may have just responded to a phishing attempt.  All is not lost, but time can be important so take action quickly to lessen any possible harm. 

More information on what to do (remediation)

 

Most recent phishing attempts

Phishing on CSU cell phones and CSU office phones

For CSU cell phones: if you receive any messages or calls from 611 or 1-800-331-0500 and prompts you to provide personal information, do not respond. The phone is owned by the University and no personal information is tied to the phone service. No changes can be made by users; only Telecommunications Office is authorized to make any changes to the account.

For CSU office phones: if you receive calls from outside callers claiming that you have placed a call to them without your knowledge (i.e...... your direct number is appearing as caller ID instead of 216-687-2000), than your telephone number may have been “spoofed”.  Please alert Telecommunications if this becomes a recurring issue. We will work with you on an individual basis on how to address the situation.


CSU will never send you an email from an account with the address of xxx@vikes.csuohio.edu (this indicates a student email account); xxx@cmlaw.csuohio.edu (this indicates a law student email account) or xxx@alumni.csuhio.edu (this indicates an alumni email account).  


If you receive any of the messages similar to those described below, or any of those listed in the archives (items received within the previous 6 months):

  • Do not reply, select any link or open any attachments
  • Mark the item as phishing (this will send the item to Microsoft for review and flag the item as "junk" in your mailbox) or delete the item. 

If the email you received is not listed below, or in the archives, and it contains the hallmark of a phishing attempt, forward the email to phishing@csuohio.edu so that we can make others aware and take action to minimize any potential negative effects.

Listed below are the more recent phishing attempts detected on CSU accounts.  They are listed by the wording listed within the subject line, followed by a brief description of the email.  To view an example of the email, select the subject listed.

New this month

**** Special Notice ****

If you receive an email from what appears to be an individual you are associated with at CSU, and the email indicates they need to contact you but are unable to do so due they being in a meeting, on the road etc. and requests you email them back, check the email address that the mail was sent from, do not simply look at the name listed as it being sent from.  By looking at the email address, you will note that the mail was not sent from the individual that it initially appears to have been sent from.  These mails are being sent in an attempt to have people reply and then follow up emails will request confidential information, money in the form of cards, or other personal information.  If you receive one of these, DO NOT REPLY, simply delete the item.

*************************

  • Home Based Data Entry / Payroll Assistant Needed!!! - Email claiming to be from a company that is hiring. The link will take you to a fake application page designed to gather your information. Do not reply or open the links, simply delete the email.  Simply scan your device for malware/viruses, and change your passwords if you wish. (4/15)

  • Urgent - Billing Statement is available - Email claiming to be from Microsoft claiming that your payment information for Office 365/Exchange needs to be updated. The links in the document will likely take you to what looks like a microsoft login page. This is a fake login page designed to gather your user ID and password. Do not reply or open the links, simply delete the email.  Simply scan your device for malware/viruses, and change your passwords if you wish. (2/18)

  • Password Rest!!! - email that claims you need to change or renew you password. There will be a link where it will ask for your current password. Do not enter your credentials. Do not reply, simply delete the email.  Simply scan your device for malware/viruses, and change your passwords if you wish. (2/6)

  • Remittance Advise 393911 - email that claims to have an invoice for you and to be from a member of the University of Chicago or another university. The email will include an attachment in the form of a pdf, which is infected. Do not reply or open the attachment, simply delete the email.  Simply scan your device for malware/viruses, and change your passwords if you wish. (2/6)

  • Office Support - License Expired - Email claiming to be from Microsoft claiming that your license for Office 365/Exchange has expired. Most of the links in the document will likely be non-functional, but the first one will work and take you to what looks like a Microsoft login page. This is a fake login page designed to gather you user ID and password. Do not reply or open the links, simply delete the email.  Simply scan your device for malware/viruses, and change your passwords if you wish. (1/30)

  • Today - mm/dd/yyyy - email claiming to be from a fellow student talking about a job opportunity. The email will contain a link leading to a site with malicious content. If you open the link, your account will send out the email you received to more users and the process will repeat. Do not reply or open the attachment, simply delete the email.  Simply scan your device for malware/viruses, and change your passwords if you wish. (1/15)

  • Hello, are you available? - email that claims to be from a professor and/or interim department chair (The email address these are sent from are wrong, but will potentially show the right name. Always check the actual email address). If you respond they will ask you to buy them some form of gift card, ususally Google Play cards, and will state that they will reimburse you. They'll ask you to take a picture of the cards after scratching off the pin code cover. (1/13)

  • Must Read... - email that claims the sender knows of openings in a company/group called "The Engine Group", and will likely ask for personal information saying they will give it to this company in order for them to hire you. The email will also include an attachment, in the form of a word document which is infected. Do not reply or open the attachment, simply delete the email.  Simply scan your device for malware/viruses, and change your passwords if you wish. (12/20)

  • Bitcoin Phishing - email that claims the sender has one of your passwords and knowledge/proof of some form of wrongdoing you have done, the password may even seem familiar.  It is an attempt to convince you to send money to them in the form of bit coins.  Do not reply, simply delete the email, the sender is spoofing the email addresses in the email.  Simply scan your device for malware/viruses, and change your passwords if you wish. (12/20)

  • Important task - email that claims to be from an interim department chair and/or professor (The email address these are sent from are wrong, but will potentially show the right name. Always check the actual email address). If you respond they will ask you to buy them some form of gift card, ususally Google Play cards, and will state that they will reimburse you. They'll ask you to take a picture of the cards after scratching off the pin code cover. (12/13)

To view a list of these and other Phishing notices that we have received within the past 6 months, please visit the archives.   

top