X

Current Alerts

9/16/2019 - "NOTICE:Court Invitation Letter"

A phishing attempt that looks like it is about a request to show up in court has been reported to ITS.  The email looks like:


Hello,

I will like to inform you that your immediate attention is requested in court on Thursday the 19th Of September 2019, As your expected time of arrival and appointment letter are carried


Please delete these emails from your inbox if you receive one.

8/22/2019 - "Earn Extra Cash Weekly"

ITS has had a number of reports about an email looking for an "Administrative Assistant" from a compromised UofM account. Part of the email look like:

Administrative Assistant
Good day

Work at your convenience and earns $450 weekly. It's a Flexible part-time job where you will determine your working time. All the tasks are work from home/on campus job, you don't need to travel somewhere and also you don't need to have a car to get started. It's an home base office work you can be in any location and work from your home/school

6/26/2019 - "UofM Payroll Clerk"

ITS is monitoring a new phishing scam using a few compromised accounts, asking people to click on a link for details about earning an extra $600 by working part time. 

Do not fall for this scam. This is NOT how UofM advertises available jobs. 

6/6/2019 - "Extra Income" and "Work Part Time"

ITS has seen an increased activity in scam emails asking University students, faculty and staff from different sources. Some scams are asking you to put signage on your car to earn money. Others are saying they know how you can work part-time and get paid $350 or $400 a week, if only you will reply to an email or click a link. 

These scams are to entice people to start a conversation with a social engineer. Don't fall for the scams.  If something is too good to be true, it usually is. 

3/27/2019 - "Urgent" & "Are you on campus"

ITS has seen an increased activity in scam emails targeting University faculty and staff.  These scam messages often target specific members of a department and use external email accounts (like Gmail, Yahoo, etc.) containing the name of a department chair or director to build an immediate sense of trust and urgency.  The scam usually starts with questions asking whether the individual is available or on campus as the fake chair/director is in a meeting and needs help with a task or errand.  The scam culminates in a request to buy hundreds of dollars in gift cards and send the redemption codes to the individual.  As those funds can't be easily traced, the scammer is able to steal hundreds of dollars at a time and use or resell the codes to others.

The scam can easily be spotted in the From: or Reply-To: address of the message, as it will not match memphis.edu email address of the real chair/director.  Do not respond to these messages and do not provide personal information like phone numbers, as in some instances the scammer will attempt to use text messaging to further the scam.  If you do receive a message similar to what is described above, forward the message to abuse@memphis.edu.


 

9/10/2018 - "FW!!!Good Afternoon*****"

ITS has monitored a new fake job scam, similar to the message below. Please be alert for unsolicited job offers from companies or services that you can't verify, or offer payment terms that are too good to be true.

Subject: FW!!!Good Afternoon*****
 
I am Edward R. Carr  a geographer and anthropologist whose career and research focus on exploring alternative ways of achieving meaningful and end= uring improvements to human well-being. I worked in rural sub-Saharan Africa on issues of development and global change among various rural communities. My scholarship and teaching encour= age students and development professionals to reexamine the sometimes-damaging preconceptions embedded in development theory; in my book Delivering Development: Globalization's Shoreline and the Road to a Sustainable Future, I demonstrates how these commonly held beliefs about globalization and development have failed the global poor, and how to redefine what assistance to developing communities really means in an ever-changing world.
You have been selected to work with me through the  Universities  HR departments as my PA while I attend to a United Nations Environment Programme in Australia. You will only Mail letters, Reply emails and run errands on my behalf at $500/wk. I will meet you on campus upon my arrival by the last week to September for one on one interview and possibilities of making it a long term employment if you impress me while I am away. 
In addition , I am the author of more than 50 publications on issues of development, adaptation to climate change, and the changing global environment. Of particular note, I was the lead author of two global environmental assessments (the Millennium Ecosystem Assessment and the The United Nations Environment Programme's Fourth Global Environment Outlook) and was review editor for a chapter of the Intergover= nmental Panel on Climate Change's Fifth Assessment Report. So you understand you are working with a very busy person.  To apply for this position, Please send your Full Name, E-mail, Alternate E-mail and Mobile here.
Note: I will communicate via email frequently and you must be able to check= your emails every 10 minutes for important employment update or tasks.

8/17/2018 - "2018 Opportunity"

ITS has monitored a new fake job scam, similar to the message below. Please be alert for unsolicited job offers from companies or services that you can't verify, or offer payment terms that are too good to be true.

Mystery Shopping ® is accepting applications for qualified individuals (18+) to become shoppers and merchandisers. Its fun and rewarding, and you can choose when and where you want to shop Wal-mart, Rite-aid,Walgreen e.t.c . There is no charge to become a shopper and you do not need previous experience. After you sign up, We would pay $250 per assignment. Apply now to become a Secret Shopper™.

Thank you for participating.
Mystery Shopping™
6 Research Drive
Shelton, CT 06484. U.S.A
Attn: Sahera Housey


8/7/2018 - "JOB ANNOUNCEMENT"

Be on the lookout for more fake job scams, similar to the message below, and always be wary of unsolicited job offers in email when you cannot verify the source of the message.

ABOUT US

The Creative Magazine is the engine that drives greater sales and market share for consumer goods manufacturers and retailers around the world.

JOB TITLE:

Banana Boat Simply Protect Sunscreen Marketing Campaign!!!

JOB DESCRIPTION:

We are currently seeking to employ Individual who owns a Car as we look to introduce Banana Boat Simply Protect to every nooks and cranny especially in United State. The basic premise of the "Drive While Advertising" concept seeks people -- regular citizens, not professional drivers -- to go about their normal routine as they usually do, only with an advert of "Banana Boat Simply Protect" plastered on their car/truck.

Qualifications:

Must have a Car, Truck, Van or Motorcycle.

SALARY:

$250 weekly including $50 for gas

Interested Candidates should contact benjamin.penazek@creativemagonline.com for more information

Sincerely,

Creative Magazine Inc
Benjamin Penazek
31 Merrick Ave
Merrick, NY 11566, United States
(785) 430-6422
benjamin.penazek@creativemagonline.com

 


8/6/2018 - OneDrive Phishing

A new phishing message has been identified earlier today, posing as a message from an internal user.  The attached documents contain a link to a website designed to collect user names and passwords to be used as part of future phishing attacks.  Phishers are now utilizing attachments with website links to get around automated scanning of emails.  Please be wary of any email message that contain document attachments with links asking you to view a shared file.  Legitimate file sharing services will not use attachments to share website links.

From: foo@memphis.edu
Sent: Monday, August 06, 2018 1:59 PM
Subject: Foo Has Shared a file with you using One Drive

Hello,

Please find attached the Look Ahead files for Monday, 06 August 2018

Foo
Sent from my iPhone

OneDrive Image

 


7/9/2018 - "The University of Memphis Re-evaluated and Up to Date Disclosure of Information Guidelines For All Employees"

A new phishing message has been identified earlier today, posing as a message from the University President.  The message included the UofM logo, multiple grammatical errors, and a signature line with inaccurate information.  The message also included an attachment that was supposed to take the recipient to a secure webpage where they could download important "guidelines".  The webpage (screenshot below) included logos similar to Office 365, but was hosted on a malicious website.

Phishing Image

If you receive an email attachment or other content that you are unsure of, even if it is reportedly from the University, you may report the content by email to abuse@memphis.edu for further analysis. If you do open an attachment that appears to be malicious or untrustworthy, please contact the ITS Service Desk by phone at (901) 678-8888, via email at umtech@memphis.edu, or your LSP for further assistance.


6/29/2018 - "University Job Offer"

A new fraudulent "employment offer" email has been identified today, with the "offer" included in a Microsoft Word attachment named "University Job Offer.docx".  Similar to past scams, the "opportunity" offers large weekly payments in exchange for minimal work supporting a non-existent employee of the University.  The email asks for personal details, including a non-University email address so the scammer can avoid being blocked in the future.  Additionally, the email was sent from a non-UofM email account, most likely a compromised email account from another university.

Remember to treat unsolicited job opportunities like these with skepticism. If you receive any email message that has a suspicious attachment, originates from a non-UofM email account but references the University, asks you to apply for a job with suspicious terms, or respond with a non-memphis.edu email address, please report the message to ITS staff via email at abuse@memphis.edu or over the phone by calling the ITS Service Desk at (901) 678-8888. Additional information regarding phishing and other email scams can be found at Phishing.


1/24/2018 - Job Opportunity Scams

A new "job opportunity" scam email is targeting memphis.edu email accounts.  This scam, and others like it, typically request the candidate fill a role as a personal assistant with minimal hours and high wages.  They ask for details such as resumes or other personally identifying information prior to "acceptance".  Once "employed", wages will be sent via fake electronic check before the individual is asked to send a portion of the funds to some other account.  An examples of an email for this type of scam, called Advance Fee Fraud, is below:

We are emailing you concerning a new employment offer through the
University's recruiting department.

We are UK based company that offer incorporation services to our
clients all over the globe so If you are resourceful, organized, good
with paperwork and honest, you can make six hundred dollars ($550) in
a week , as a business assistant. This flexible but formal position
would only take at most two hours of your time daily, or even less,
depending on your work-speed.You would be needed Mondays through
Fridays, but the job's flexibility lies in the fact that your duties
are clear-cut and would take little of your time to be executed
daily.Kindly reply with your alternate email different from
Educational email and mobile

Remember to treat unsolicited job opportunities like the message above with skepticism. If you receive any email message that has a suspicious attachment, asks you to apply for a job with suspicious terms, or respond with a non-memphis.edu email address, please report the message to ITS staff via email at abuse@memphis.edu or over the phone by calling the ITS Service Desk at (901) 678-8888. Additional information regarding phishing and other email scams can be found at Phishing.


11/20/2017 - "Memphis Alert" / "Attention! Verify E-mail Now To Avoid Close Down"

Several new phishing messages are making the rounds, attempting to trick individuals into entering their username and password into compromised websites.  If you receive a message with content similar to the messages below, do not click on the links and report the messages to ITS staff via email at abuse@memphis.edu or over the phone by calling the ITS Service Desk at (901) 678-8888.

Dear User,

We received a request from you to delete your email permanently.

Your request is being processed, and in less than 24hrs it will be effected.

If you did not make this request click here and sign back in to avoid automatic closure.

IT Help Desk.
University of Memphis.

and

Some instructions needed to back up your office365 E-mail existence , it

would be greatly APPRECIATED . click here to fill containment

to verify e-mail to avoid closed down.

Helpdesk

Office Information Technology

As a reminder, ITS staff will not send you emails asking you to verify, upgrade, backup, or click to prevent your account from being closed.  Please see further examples of phishing below.


10/12/2017 - Phishing

A reminder on phishing - cybercriminals continue to send emails using social engineering techniques to trick you into revealing your username and password.  Once they have your login credentials, they can login to systems as you, access your data, and potentially alter your information.  UofM ITS will never email you asking you to:

  • "Verify" your email account to prevent it from being suspended or deactivated
  • "Upgrade" your email account or email quota
  • "Verify" your email account to enable new antivirus settings
  • "Update" your email account during "scheduled maintenance"

If you receive a message with one of the above phrases, please report the email to abuse@memphis.edu.  Even if the message appears to be sent from a memphis.edu email address or links to a webpage that looks like a memphis.edu site, treat with caution and report it to ITS staff via email at abuse@memphis.edu or over the phone by calling the ITS Service Desk at (901) 678-8888.  Examples of past phishing attempts can be seen at Phishing Examples.


10/02/2017 - Email Scams

Fraudulent email scam attempts targeting UofM email accounts are increasing over time. The text of these scams vary, but typically the email that you receive makes an unsolicited job offer requiring little effort and a high reward. When responded to, the scammer usually asks for personal information about you that could potentially be used for stealing your identity. Additionally, the salary for accepting the job will be sent to you as a forged check, and you will be asked to wire some portion of the funds to someone else "as payment". The check sent to you will eventually bounce, and your hard-earned money will be sent to the scammer as a payment for the scam.

If you receive an email attachment or other content that you are unsure of, you may report the content by email to abuse@memphis.edu for further analysis. If you do open an attachment that appears to be malicious or experience an issue with ransomware, please contact the ITS Service Desk by phone at (901) 678-8888, via email at umtech@memphis.edu, or your LSP for further assistance.


09/08/2017 - Equifax Data Breach

A major data breach has been announced by consumer credit reporting agency Equifax Inc. on 09/07/2017.  Equifax is one of three major credit reporting agencies in the United States used by credit card companies, banks, and lenders to verify the financial history of their customers.  The breach involved the release of personal data such as Social Security numbers, birth dates, addresses, and driver's licenses of approximately 143 million people in the United States, Canada and the UK.

Although the number of individuals impacted by the Equifax breach was lower than some other recent data breaches, the Equifax breach is serious due to the size and breadth of the data that was accessed by cybercriminals.  Anyone in possession of the data on an individual could use that data to fraudulently apply for credit cards, loans or other credit.  Unlike other breaches including credit card numbers or login information, the information breached at Equifax like name, SSN or birthdate cannot be changed or reset by a consumer.

At this time, Equifax will not be alerting individuals potentially impacted by the data breach, unless individual's credit card numbers or credit record dispute records were accessed.  Equifax has created a website at https://www.equifaxsecurity2017.com/ where consumers can check to see if their data was potentially involved in the breach.  Equifax is also offering a year of their own credit monitoring services for consumers impacted by the breach if they agree to certain terms the company provides.

In light of this breach, please use caution when responding to emails that request your personal information or that appear to be from Equifax or other credit agencie.

For more information on ways to protect yourself against or recover from identity theft, please see the following resources from the Federal Trade Commission (FTC);