Current Alerts

5/21/21  Phishing attacks from senders posing as University employees

Several UofM faculty and staff members have recently received phishing emails from senders claiming to be University leadership or department heads. These emails are sent from fraudulent addresses created to appear as though they are personal accounts of University employees. The messages typically begin with a phrase such as “Are you available?” or similar language to create a sense of urgency and request the recipient's phone number or send them a number to call or text. Ultimately, the scammer attempts to trick the target into purchasing gift and/or scratch-off lottery cards with their own money.

If you receive one of these emails, do not respond. Forward the email to abuse@memphis.edu. When receiving a request for personal or contact information, pay close attention to details such as the sender's email address or language that doesn’t match what you typically receive from the individual. Follow up with the person by calling a known and trusted phone number to verify any unusual requests, especially if they include any purchase or financial transaction. Do not share personal or contact information with any suspicious source.

7/30/20  Recognize and avoid fraudulent email to Microsoft customers

If you receive an email message that claims to be distributing a Microsoft security update, it is a hoax that may contain malware or pointers to malicious websites. Don't click on it, just delete it.

Microsoft does not distribute security updates via email.


6/22/20 Black Lives Matter - Phishing

A phishing email campaign asking you to vote anonymously about Black Lives Matter is spreading the TrickBot information-stealing malware. A new campaign pretends to be from "Country Administration," asking recipients to vote anonymously about "Black Lives Matter." The email will download malware to the infected computer to steal files, passwords and security keys, spread laterally throughout the network and allow other threat actors to install ransomware.

Be extremely careful with any emails you receive, especially those that are politically or socially motivated, as they could be malware in disguise.

Forward suspicious emails to abuse@memphis.edu or contact the ITS Service Desk by phoning 901.678.8888, emailing umtech@memphis.edu or visiting https://www.memphis.edu/umtech/index.php.

6/8/20 Payment Sent at the Request of the Office of Student Affairs

There is a new scam email floating around from a compromised UofM account that promises a fabulous job opportunity. It asks you to text your personal info to a phone number in order to be considered.

Initially, the info requested might seem harmless enough but just know that any info in the hands of crooks can be used to harm you or someone else later on. The crook could use it to trick someone else while pretending to be you. 

Never give up personal information of any kind in response to an unsolicited text or email. Security = privacy, so keeping your personal information close to the vest also helps to keep you safe.

The text of the email is shown below with the phone number redacted.

  • Dr. Michael L. Hendrick is in search of a student intern to work as an assistant, completing several tele-work tasks for $500 per week. If interested, please text your full name, major, mailing address, best contact number, and alternate email to (479) 888-xxxx. Please be aware that Junior and Senior students will be considered with priority at this time.

 5/28/20 Hijacked Mobile Phone Numbers

So now that we are security-aware and have dutifully enabled Multi-Factor Authentication (MFA) on all our important accounts, we're safe, right?  Well, not just yet.

Most people use a mobile phone number to receive a text as the second form of identification when logging on so hackers have adapted by hijacking mobile phone numbers. They get your phone number, contact your cellular provider pretending to be you and request to have the phone number switched over (ported) to a new phone (with a new SIM card). Then when they log on somewhere as you, the MFA text to verify the logon now goes to the hacker's phone instead of yours. This terrifying practice is called SIM-Swapping or sometimes Port-Out Fraud.

How to Tell?

  • Your phone stops receiving calls or texts.
  • Shows "no service" at the top where the cellular carrier is usually displayed.
  • Your phone can only make 911 calls.

What to do?

  • Contact your cellular provider asap.
  • Change the password on all accounts where a text is used for MFA.
  • Contact your bank.
  • File a police report.

 How to Prevent it?

  • Stick a PIN in it - Every major US carrier offers the option of putting a PIN or passcode on your mobile account before any changes can be made over the phone or online, so take them up on that immediately.  Having a PIN or passcode on your cellular account adds another layer of protection a hacker has to get through before he/she can compromise your identity.
  • Don't respond – If someone you don't know calls or texts you asking for information, don't respond!  If the caller claims to be from a business you are familiar with, hang up and call that business using a number you trust, such as the number on your bill or on the company's website.
  • Don't overshare – The bottom line here (and always) is that security = privacy.  Hackers often do considerable research on their victims in advance so don't make it easy for them to find out your name, address, birthdate, mother's maiden name, pet's names, car make & model etc. by revealing that stuff voluntarily on social media.  When it comes to social media, close to the vest is best.

5/5/20 Covid-19 Phishing Email -  "Your Check"  ... Again.

Sound familiar?  Well, that's because it is.  There is yet another phishing email circulating with a subject of "Your Check" offering a sketchy job opportunity.  This is a scam.  And of course, do not click on any links or send any information to the phone number listed.  This one looks like the below and may even come from a memphis.edu email address.

  • Due to the social distancing and isolation measures, the Centers for Disease Control and Prevention is working hand in hand with your university in search of people to work as an online purchase and personal assistant by helping doctors making Bill payments, replying to emails, and purchasing medical and home supplies. This is Strictly an online opportunity for $500 weekly. No going out of your home. For applications, text your name, physical address, and age to Dr. Susan @ 479888xxxx and we shall contact you for proceedings...

 4/20/20 Covid-19 Phishing Email "Your Check"

There is a new phishing email circulating pretending to be from the CDC with a subject of "Your Check" and offering a job opportunity for $500/week. This email is a scam.  Do not click on any links or send any personal information to the number given there.

It looks something like this and may even come from a memphis.edu email address.

  • Would you like to work as an online CDC assistant helping COVID-19 patients purchase items and get paid for $500 per week? No going out of your home. For applications, text your name, address age to (479) 888-xxxx and we shall contact you for proceedings..
  • Regards CDC

 4/7/20 Phishing Email "Payroll and Benefits Adjustment"

ITS is monitoring an on-going phishing attack in which emails are sent with a subject of "Payroll and Benefits Adjustment." The email references an "urgent update about the Faculty and Staff Benefits and Compensation" and refers users to a fake sign-on page that looks very similar to the UofM sign-on page. NOTE: the official UofM single sign-on page URL begins with "sso.memphis.edu" and uses https for security (denoted by a lock symbol in some browsers).

If you receive any suspicious emails, do not click any links therein or open any attachments. Instead, please call the appropriate office on campus with any questions and to confirm the email's authenticity.

In the event you have clicked on the email and provided your user name and password, please contact the ITS Service Desk at 901.678.8888 immediately for assistance in changing your password.

  4/2/20 Covid-19 Email Scams

As we all adjust to a "new normal" of daily life, be aware that hackers are still operating in full force to take advantage of the confusion. There are many active email and social media scams going around involving Covid-19.  Here are some tips to keep you safe.

  • Never click on any links or attachments in an unsolicited email.  Take a few seconds to ask yourself:
    • Am I expecting an email from this person?
    • Is the sender's email "from" address what I would expect?
    • Would this person send me an attachment, link or request of this type?
    • Does the "voice" of the email fit the sender?
  • Hackers often try to create a sense  of urgency to spur you to act quickly.  Be suspicious of any email (even seeming to be from someone you know) claiming an emergency and asking you to send money or gift cards.  Call the requester on a known number before taking any action.
  • Be cautious of any email or social media request involving Covid-19 aid or assistance. Verify the authenticity of charities before contributing. Scammers often set up fake charities and websites to collect your cash.
  • Only use trusted sources for information and check them often for updates. UofM updates are posted here: https://www.memphis.edu/health/coronavirus/ and CDC updates can be found here:  https://www.cdc.gov/coronavirus/2019-nCoV/index.html
  • Report any such email received in your UofM email to abuse@memphis.edu or to the ITS Service Desk.