Cyberscam Alert: Increase in phishing emails targeting faculty and staff
The Office of Information Security (OIS) warns about an increase in a phishing attacks targeting faculty and staff.
About the scam(s)
The emails do not originate from a TU email address and have the External Email tag applied. Two recent frequent topics include:
- asking to “send me your available cell number“
- false notifications about Microsoft Office SharePoint and storage limits. See a PDF example.
Recognizing the scam
Look for a combination of these things:
- External email tag: [ CAUTION: This email is from outside of TU. Use caution before clicking links or opening attachments. If suspicious, report to phishing@towson.edu. ] The text is at the top of incoming emails coming from external sources, so you review and evaluate them to ensure the emails aren’t fake or malicious. Note: not all emails with this tag are malicious; it’s meant to raise your awareness.
- An unknown sender email address – Confirm if you recognize the email address, not the sender’s name.
- Generic open-ended questions in the subject or body. Examples include: ‘Are you available’, ‘do you have a minute’, or asking for your mobile phone number.
- Requests to move the conversation to a text.
- An unusual or strange purchase request.
What to do if you’ve received this type of scam
If you receive this or a similar suspicious email-including requests for financial files or information-in your TU account:
- Confirm the sender. Look up their info and contact them directly.
- Report the phish by using the ‘Report Phish’ button in Outlook on a computer, or by forwarding the email to phishing@towson.edu
- Do not reply through email or complete the request.
- Question the request. Ask yourself if the request is normal.
Categorised in: General
This post was written by Weldon, Jennifer