Current Alerts

9/10/2018 - "FW!!!Good Afternoon*****"

ITS has monitored a new fake job scam, similar to the message below. Please be alert for unsolicited job offers from companies or services that you can't verify, or offer payment terms that are too good to be true.

Subject: FW!!!Good Afternoon*****
 
I am Edward R. Carr  a geographer and anthropologist whose career and research focus on exploring alternative ways of achieving meaningful and end= uring improvements to human well-being. I worked in rural sub-Saharan Africa on issues of development and global change among various rural communities. My scholarship and teaching encour= age students and development professionals to reexamine the sometimes-damaging preconceptions embedded in development theory; in my book Delivering Development: Globalization's Shoreline and the Road to a Sustainable Future, I demonstrates how these commonly held beliefs about globalization and development have failed the global poor, and how to redefine what assistance to developing communities really means in an ever-changing world.
You have been selected to work with me through the  Universities  HR departments as my PA while I attend to a United Nations Environment Programme in Australia. You will only Mail letters, Reply emails and run errands on my behalf at $500/wk. I will meet you on campus upon my arrival by the last week to September for one on one interview and possibilities of making it a long term employment if you impress me while I am away. 
In addition , I am the author of more than 50 publications on issues of development, adaptation to climate change, and the changing global environment. Of particular note, I was the lead author of two global environmental assessments (the Millennium Ecosystem Assessment and the The United Nations Environment Programme's Fourth Global Environment Outlook) and was review editor for a chapter of the Intergover= nmental Panel on Climate Change's Fifth Assessment Report. So you understand you are working with a very busy person.  To apply for this position, Please send your Full Name, E-mail, Alternate E-mail and Mobile here.
Note: I will communicate via email frequently and you must be able to check= your emails every 10 minutes for important employment update or tasks.

8/17/2018 - "2018 Opportunity"

ITS has monitored a new fake job scam, similar to the message below. Please be alert for unsolicited job offers from companies or services that you can't verify, or offer payment terms that are too good to be true.

Mystery Shopping ® is accepting applications for qualified individuals (18+) to become shoppers and merchandisers. Its fun and rewarding, and you can choose when and where you want to shop Wal-mart, Rite-aid,Walgreen e.t.c . There is no charge to become a shopper and you do not need previous experience. After you sign up, We would pay $250 per assignment. Apply now to become a Secret Shopper™.

Thank you for participating.
Mystery Shopping™
6 Research Drive
Shelton, CT 06484. U.S.A
Attn: Sahera Housey


8/7/2018 - "JOB ANNOUNCEMENT"

Be on the lookout for more fake job scams, similar to the message below, and always be wary of unsolicited job offers in email when you cannot verify the source of the message.

ABOUT US

The Creative Magazine is the engine that drives greater sales and market share for consumer goods manufacturers and retailers around the world.

JOB TITLE:

Banana Boat Simply Protect Sunscreen Marketing Campaign!!!

JOB DESCRIPTION:

We are currently seeking to employ Individual who owns a Car as we look to introduce Banana Boat Simply Protect to every nooks and cranny especially in United State. The basic premise of the "Drive While Advertising" concept seeks people -- regular citizens, not professional drivers -- to go about their normal routine as they usually do, only with an advert of "Banana Boat Simply Protect" plastered on their car/truck.

Qualifications:

Must have a Car, Truck, Van or Motorcycle.

SALARY:

$250 weekly including $50 for gas

Interested Candidates should contact benjamin.penazek@creativemagonline.com for more information

Sincerely,

Creative Magazine Inc
Benjamin Penazek
31 Merrick Ave
Merrick, NY 11566, United States
(785) 430-6422
benjamin.penazek@creativemagonline.com

 


8/6/2018 - OneDrive Phishing

A new phishing message has been identified earlier today, posing as a message from an internal user.  The attached documents contain a link to a website designed to collect user names and passwords to be used as part of future phishing attacks.  Phishers are now utilizing attachments with website links to get around automated scanning of emails.  Please be wary of any email message that contain document attachments with links asking you to view a shared file.  Legitimate file sharing services will not use attachments to share website links.

From: foo@memphis.edu
Sent: Monday, August 06, 2018 1:59 PM
Subject: Foo Has Shared a file with you using One Drive

Hello,

Please find attached the Look Ahead files for Monday, 06 August 2018

Foo
Sent from my iPhone

OneDrive Image

 


7/9/2018 - "The University of Memphis Re-evaluated and Up to Date Disclosure of Information Guidelines For All Employees"

A new phishing message has been identified earlier today, posing as a message from the University President.  The message included the UofM logo, multiple grammatical errors, and a signature line with inaccurate information.  The message also included an attachment that was supposed to take the recipient to a secure webpage where they could download important "guidelines".  The webpage (screenshot below) included logos similar to Office 365, but was hosted on a malicious website.

Phishing Image

If you receive an email attachment or other content that you are unsure of, even if it is reportedly from the University, you may report the content by email to abuse@memphis.edu for further analysis. If you do open an attachment that appears to be malicious or untrustworthy, please contact the ITS Service Desk by phone at (901) 678-8888, via email at umtech@memphis.edu, or your LSP for further assistance.


6/29/2018 - "University Job Offer"

A new fraudulent "employment offer" email has been identified today, with the "offer" included in a Microsoft Word attachment named "University Job Offer.docx".  Similar to past scams, the "opportunity" offers large weekly payments in exchange for minimal work supporting a non-existent employee of the University.  The email asks for personal details, including a non-University email address so the scammer can avoid being blocked in the future.  Additionally, the email was sent from a non-UofM email account, most likely a compromised email account from another university.

Remember to treat unsolicited job opportunities like these with skepticism. If you receive any email message that has a suspicious attachment, originates from a non-UofM email account but references the University, asks you to apply for a job with suspicious terms, or respond with a non-memphis.edu email address, please report the message to ITS staff via email at abuse@memphis.edu or over the phone by calling the ITS Service Desk at (901) 678-8888. Additional information regarding phishing and other email scams can be found at Phishing.


1/24/2018 - Job Opportunity Scams

A new "job opportunity" scam email is targeting memphis.edu email accounts.  This scam, and others like it, typically request the candidate fill a role as a personal assistant with minimal hours and high wages.  They ask for details such as resumes or other personally identifying information prior to "acceptance".  Once "employed", wages will be sent via fake electronic check before the individual is asked to send a portion of the funds to some other account.  An examples of an email for this type of scam, called Advance Fee Fraud, is below:

We are emailing you concerning a new employment offer through the
University's recruiting department.

We are UK based company that offer incorporation services to our
clients all over the globe so If you are resourceful, organized, good
with paperwork and honest, you can make six hundred dollars ($550) in
a week , as a business assistant. This flexible but formal position
would only take at most two hours of your time daily, or even less,
depending on your work-speed.You would be needed Mondays through
Fridays, but the job's flexibility lies in the fact that your duties
are clear-cut and would take little of your time to be executed
daily.Kindly reply with your alternate email different from
Educational email and mobile

Remember to treat unsolicited job opportunities like the message above with skepticism. If you receive any email message that has a suspicious attachment, asks you to apply for a job with suspicious terms, or respond with a non-memphis.edu email address, please report the message to ITS staff via email at abuse@memphis.edu or over the phone by calling the ITS Service Desk at (901) 678-8888. Additional information regarding phishing and other email scams can be found at Phishing.


11/20/2017 - "Memphis Alert" / "Attention! Verify E-mail Now To Avoid Close Down"

Several new phishing messages are making the rounds, attempting to trick individuals into entering their username and password into compromised websites.  If you receive a message with content similar to the messages below, do not click on the links and report the messages to ITS staff via email at abuse@memphis.edu or over the phone by calling the ITS Service Desk at (901) 678-8888.

Dear User,

We received a request from you to delete your email permanently.

Your request is being processed, and in less than 24hrs it will be effected.

If you did not make this request click here and sign back in to avoid automatic closure.

IT Help Desk.
University of Memphis.

and

Some instructions needed to back up your office365 E-mail existence , it

would be greatly APPRECIATED . click here to fill containment

to verify e-mail to avoid closed down.

Helpdesk

Office Information Technology

As a reminder, ITS staff will not send you emails asking you to verify, upgrade, backup, or click to prevent your account from being closed.  Please see further examples of phishing below.


10/12/2017 - Phishing

A reminder on phishing - cybercriminals continue to send emails using social engineering techniques to trick you into revealing your username and password.  Once they have your login credentials, they can login to systems as you, access your data, and potentially alter your information.  UofM ITS will never email you asking you to:

  • "Verify" your email account to prevent it from being suspended or deactivated
  • "Upgrade" your email account or email quota
  • "Verify" your email account to enable new antivirus settings
  • "Update" your email account during "scheduled maintenance"

If you receive a message with one of the above phrases, please report the email to abuse@memphis.edu.  Even if the message appears to be sent from a memphis.edu email address or links to a webpage that looks like a memphis.edu site, treat with caution and report it to ITS staff via email at abuse@memphis.edu or over the phone by calling the ITS Service Desk at (901) 678-8888.  Examples of past phishing attempts can be seen at Phishing Examples.


10/02/2017 - Email Scams

Fraudulent email scam attempts targeting UofM email accounts are increasing over time. The text of these scams vary, but typically the email that you receive makes an unsolicited job offer requiring little effort and a high reward. When responded to, the scammer usually asks for personal information about you that could potentially be used for stealing your identity. Additionally, the salary for accepting the job will be sent to you as a forged check, and you will be asked to wire some portion of the funds to someone else "as payment". The check sent to you will eventually bounce, and your hard-earned money will be sent to the scammer as a payment for the scam.

If you receive an email attachment or other content that you are unsure of, you may report the content by email to abuse@memphis.edu for further analysis. If you do open an attachment that appears to be malicious or experience an issue with ransomware, please contact the ITS Service Desk by phone at (901) 678-8888, via email at umtech@memphis.edu, or your LSP for further assistance.


09/08/2017 - Equifax Data Breach

A major data breach has been announced by consumer credit reporting agency Equifax Inc. on 09/07/2017.  Equifax is one of three major credit reporting agencies in the United States used by credit card companies, banks, and lenders to verify the financial history of their customers.  The breach involved the release of personal data such as Social Security numbers, birth dates, addresses, and driver's licenses of approximately 143 million people in the United States, Canada and the UK.

Although the number of individuals impacted by the Equifax breach was lower than some other recent data breaches, the Equifax breach is serious due to the size and breadth of the data that was accessed by cybercriminals.  Anyone in possession of the data on an individual could use that data to fraudulently apply for credit cards, loans or other credit.  Unlike other breaches including credit card numbers or login information, the information breached at Equifax like name, SSN or birthdate cannot be changed or reset by a consumer.

At this time, Equifax will not be alerting individuals potentially impacted by the data breach, unless individual's credit card numbers or credit record dispute records were accessed.  Equifax has created a website at https://www.equifaxsecurity2017.com/ where consumers can check to see if their data was potentially involved in the breach.  Equifax is also offering a year of their own credit monitoring services for consumers impacted by the breach if they agree to certain terms the company provides.

In light of this breach, please use caution when responding to emails that request your personal information or that appear to be from Equifax or other credit agencie.

For more information on ways to protect yourself against or recover from identity theft, please see the following resources from the Federal Trade Commission (FTC);