Phishing alert: HR-related scams are on the rise
Don’t fall for it! The Office of Information Security (OIS) in the Office of Technology Services (OTS) warns about a current phishing scam targeting faculty and staff.
About the scam
Attackers are falsely posing as licensed representatives for a fictitious state department and sending unsolicited phishing emails about providing consultation about retirement or benefits. The message contains links, and a request that you fill out a suspicious form to reserve an appointment. By providing this information, they will reach out with specific steps which may involve you sending personal identifiable information (PII). See a PDF example of this type of phishing scam.
Recognizing the scam
Look for a combination of these things:
- [EXTERNAL EMAIL – USE CAUTION] – The external tag is present at the top of all incoming emails coming from external sources. Note: not all emails with this tag are malicious; it’s meant to raise your awareness. If you receive an email about Retirement or Benefits Support from a @pensionrx email address, or any other external domain, please take caution. Towson University is not affiliated in anyway with this organization.
- An unknown sender email address. Confirm if you recognize the email address, not just the sender’s name.
- Suspicious links within the email.
What to do if you’ve received this type of scam
- Be extra cautious with any unexpected emails about retirement or benefits that aren’t from TU’s Office of Human Resources department or the State of Maryland.
- Do not reply. Don’t click on any links or reply back with your phone number or any personal identifiable information.
- Continue to report suspicious emails to OIS. Use the “Report Phish” button in Outlook or forward the email to phishing@towson.edu.
- Contact OHR with questions. If you have concerns about benefits or retirement, contact TU’s Office of Human Resources/Total Rewards department: Yore Awodipe, Sr. Benefits Specialist at iawodipe@towson.edu
For more information on recognizing suspicious emails and for real life examples, visit www.towson.edu/phishing. If you would like an OIS team member to give an interactive phishing Webex presentation to your group or department, submit a TechHelp service request or email securityawareness@towson.edu.
Tags: Benefits, OHR, OIS, OTS, phishing, phishing alert, retirement, scamCategorised in: General
This post was written by Weldon, Jennifer