Job Phishing Alert: Department of Psychology - New Post If It's Too Good To Be True, It's A Lie

Recently, the Division of Information Technology(DoIT) received multiple reports of job phishing emails. The scammers sending these emails are impersonating Professor Brodsky of the Department of Psychology. Below is an example of such an email. For privacy purposes, we removed the To field.

 

From: Holly woodard <hollywoodardshop@gmail.com>

Date: Sun, May 1, 2022 at 12:48 PM

Subject: Internship UMBC

To:

 

 

University of Maryland, Baltimore County, The Office of the Department of Psychology urgently needs the services of students to work remotely as research assistants and get paid $300 weekly. The position is served remotely and assignments can be carried out in your leisure time. The position is open to students from any department of the institution UMBC. To proceed with the application process, contact Professor Anne E. Brodsky now at  (310) 818-3769 via text message stating your full name, email address, year of study, and department to receive the job description and further application requirements.

 

Best Regards,

 

Professor Anne E. Brodsky

Department: Philosophy

Performing Arts & Humanities, 

Room 455

(310) 818-3769

University of Maryland, Baltimore County

 



Please note that the Psychology Department or Professor Brodsky did not send this message. Three visible red flags in this email are:

  1. The From address is not a UMBC email. If the Psychology Department or Prof. Brodsky were sending this email, the From address would have been a UMBC email address. However, it was sent from <hollywoodardshop@gmail.com>, which is not a UMBC affiliate. Please note that it could have been spoofed, even if it appears to originate from a UMBC email. Therefore, always check with DoIT(security@umbc.edu) or email/contact the impersonated person on a completely different email when you see a conflict in the address.

  2. Phone number.  A lot of scammers will ask for your phone number. If their number gets reported, they could easily get a new one. If you ever receive a job offer asking for a phone number in general,  BE SUSPICIOUS!

  3. The email template. This template is widespread. After a quick Google search, we found a few Job scam articles with the same template. So if you are ever in doubt, GOOGLE IT! UMBC will not use a known phishing template to offer you a job opportunity.


For more information about phishing, visit https://itsecurity.umbc.edu/critical/?id=98136.


If you have received any message similar to the one listed above, please forward it with its headers tosecurity@umbc.edu. For instructions, visit https://wiki.umbc.edu/pages/viewpage.action?pageId=1867970.


______________________________________________________________________________________________________________________________________

Receive any suspicious emails?

Forward it to security@umbc.edu along with the email headers. For instructions, visit https://wiki.umbc.edu/pages/viewpage.action?pageId=1867970.


Follow us on myUMBC:https://my3.my.umbc.edu/groups/itsecurity.




]]> Recently, the Division of Information Technology(DoIT) received multiple reports of job phishing emails. The scammers sending these emails are impersonating Professor Brodsky of the Department of... https://beta.my.umbc.edu/api/v0/pixel/news/119286/guest@my.umbc.edu/d40408a3f193feb1666f613685849b7b/api/pixel notice IT Security - DoIT Cybersecurity Assurance and Digital Trust https://beta.my.umbc.edu/groups/itsecurity https://assets1-beta.my.umbc.edu/images/avatars/group/7/xsmall.png?1777162216 https://assets4-beta.my.umbc.edu/images/avatars/group/7/original.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xxlarge.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xlarge.png?1777162216 https://assets4-beta.my.umbc.edu/images/avatars/group/7/large.png?1777162216 https://assets4-beta.my.umbc.edu/images/avatars/group/7/medium.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/small.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xsmall.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xxsmall.png?1777162216 IT Security - DoIT 1 0 true Mon, 09 May 2022 10:55:31 -0400 Tue, 12 Jul 2022 10:29:30 -0400 Job Phishing Alert: Department of Psychology Another job that doesn't exist

Recently, the Division of Information Technology(DoIT) received multiple reports of job phishing emails. The scammers sending these emails are impersonating Professor Brodsky of the Department of Psychology. Below is an example of such an email. For privacy purposes, we removed the To field.

 

From: Holly woodard <hollywoodardshop@gmail.com>

Date: Sun, May 1, 2022 at 12:48 PM

Subject: Internship UMBC

To:

 

 

University of Maryland, Baltimore County, The Office of the Department of Psychology urgently needs the services of students to work remotely as research assistants and get paid $300 weekly. The position is served remotely and assignments can be carried out in your leisure time. The position is open to students from any department of the institution UMBC. To proceed with the application process, contact Professor Anne E. Brodsky now at  (310) 818-3769 via text message stating your full name, email address, year of study, and department to receive the job description and further application requirements.

 

Best Regards,

 

Professor Anne E. Brodsky

Department: Philosophy

Performing Arts & Humanities, 

Room 455

(310) 818-3769

University of Maryland, Baltimore County

 



Please note that the Psychology Department or Professor Brodsky did not send this message. Three visible red flags in this email are:

  1. The From address is not a UMBC email. If the Psychology Department or Prof. Brodsky were sending this email, the From address would have been a UMBC email address. However, it was sent from <hollywoodardshop@gmail.com>, which is not a UMBC affiliate. Please note that it could have been spoofed, even if it appears to originate from a UMBC email. Therefore, always check with DoIT(security@umbc.edu) or email/contact the impersonated person on a completely different email when you see a conflict in the address.

  2. Phone number.  A lot of scammers will ask for your phone number. If their number gets reported, they could easily get a new one. If you ever receive a job offer asking for a phone number in general,  BE SUSPICIOUS!

  3. The email template. This template is widespread. After a quick Google search, we found a few Job scam articles with the same template. So if you are ever in doubt, GOOGLE IT! UMBC will not use a known phishing template to offer you a job opportunity.


For more information about phishing, visit https://itsecurity.umbc.edu/critical/?id=98136.


If you have received any message similar to the one listed above, please forward it with its headers tosecurity@umbc.edu. For instructions, visit https://wiki.umbc.edu/pages/viewpage.action?pageId=1867970.


______________________________________________________________________________________________________________________________________

Receive any suspicious emails?

Forward it to security@umbc.edu along with the email headers. For instructions, visit https://wiki.umbc.edu/pages/viewpage.action?pageId=1867970.


Follow us on myUMBC:https://my3.my.umbc.edu/groups/itsecurity.




]]> Recently, the Division of Information Technology(DoIT) received multiple reports of job phishing emails. The scammers sending these emails are impersonating Professor Brodsky of the Department of... https://beta.my.umbc.edu/api/v0/pixel/news/119162/guest@my.umbc.edu/2da27a6c4906743bb1d3ba8fff0bba10/api/pixel notice IT Security - DoIT Cybersecurity Assurance and Digital Trust https://beta.my.umbc.edu/groups/itsecurity https://assets1-beta.my.umbc.edu/images/avatars/group/7/xsmall.png?1777162216 https://assets4-beta.my.umbc.edu/images/avatars/group/7/original.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xxlarge.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xlarge.png?1777162216 https://assets4-beta.my.umbc.edu/images/avatars/group/7/large.png?1777162216 https://assets4-beta.my.umbc.edu/images/avatars/group/7/medium.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/small.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xsmall.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xxsmall.png?1777162216 IT Security - DoIT 7 1 true Tue, 03 May 2022 16:25:48 -0400 Phishing Alert: Immediate Action Required THE HEADLINE IS A SCAM! NO ACTION IS REQUIRED AT ALL!

The Division of Information Technology( DoIT) recently received reports of new phishing campaign. The email informs the recipients of a “Server System failure” and asks them to “Review messages.” Below is an example of the email. We removed the recipient’s information for privacy reasons.


From: myUMBC <gary3123@gvtc.com>

Date: Wed, Apr 20, 2022 at 2:40 PM

Subject: Immediate Action Required

To: 



This email is not legitimate. It was sent by <gary3123@gvtc.com>, who is trying to impersonate someone at UMBC. We have not experienced a server system failure that requires you to review your messages. However, if you have trouble receiving messages, please contact us at security@umbc.edu.  

The “Review Messages” link in the email will take you to the website shown in the picture below. Please note that this page is not affiliated with UMBC. If you enter your UMBC email and password, your account can be compromised. 


Please DO NOT CLICK on the link if you have received this email. However, if you have clicked on the link, DO NOT ENTER your password. If you entered your UMBC password, immediately change your password




If you have received any message similar to the one listed above, please forward it with its headers tosecurity@umbc.edu. For instructions, visit https://wiki.umbc.edu/pages/viewpage.action?pageId=1867970.


Remember that scams work by appealing to emotions and discouraging prolonged thought. Starting out with "Immediate Action Required" is intended to do just that. The hope is that you are approaching panic before you even open up the message. Beware anything that looks intended to appeal to your feelings rather than your reason.


______________________________________________________________________________________________________________________________________

Receive any suspicious emails?

Forward it to security@umbc.edu along with the email headers. For instructions, visit https://wiki.umbc.edu/pages/viewpage.action?pageId=1867970.


Follow us on myUMBC:https://my3.my.umbc.edu/groups/itsecurity.



]]> The Division of Information Technology( DoIT) recently received reports of new phishing campaign. The email informs the recipients of a “Server System failure” and asks them to “Review messages.”... https://beta.my.umbc.edu/api/v0/pixel/news/118927/guest@my.umbc.edu/eed9876d13fe94833a1b9eab17d9a53e/api/pixel notice IT Security - DoIT Cybersecurity Assurance and Digital Trust https://beta.my.umbc.edu/groups/itsecurity https://assets1-beta.my.umbc.edu/images/avatars/group/7/xsmall.png?1777162216 https://assets4-beta.my.umbc.edu/images/avatars/group/7/original.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xxlarge.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xlarge.png?1777162216 https://assets4-beta.my.umbc.edu/images/avatars/group/7/large.png?1777162216 https://assets4-beta.my.umbc.edu/images/avatars/group/7/medium.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/small.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xsmall.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xxsmall.png?1777162216 IT Security - DoIT 1 0 true Mon, 25 Apr 2022 20:39:28 -0400 Job Scam Phishing Alert: COLLEGE CENTRAL JOB Phishing Scams Continue!

Recently, UMBC’s Division of Information Technology (DoIT) received a report of a new phishing campaign. The actors compromised Professor Kang's account and sent out a job phishing scam. Approximately 1700 accounts received this email message. Below is an example of the email. We removed the To field for privacy purposes.


From: Weining Kang <wkang@umbc.edu>

Date: Tue, 12 Apr 2022 15:22:29 +0800

Subject: COLLEGE CENTRAL JOB

To:


Company’s Name:

Havas Group



Company’s Description:

We create thoughtful, insight-led strategies that fuel authentic partnerships, amplified by imaginative experiences and engaging content.


Job Title :

Advertise while driving.



Job Description:

We seek interested candidates to go about their normal routine with the advert of “ #TogetherAtHome, #SafeHands And #SocialDistancing ” " #TakeVaccine " on their car/ truck/ bikes.



Qualifications:

Must have a Car, Truck, Van, or Motorcycle.


Salary:

$300 weekly.



Interested candidates should contact:


covidvaccine.ads@gmail.com

Ivan Derrick


Hiring Coordinator/Logistic Supervisor


Best Regards,

Weining




As mentioned above, the email was sent from Professor Kang’s account; however, he is not the one sending the messages. His account was compromised. The contact email in the message <covidvaccine.ads@gmail.com> does not belong to Professor Kang. Therefore, any response sent to this email will not go to Professor Kang. A similar email template to the one above can be found online with a simple Google search. If you are ever in doubt about your emails, Google it. Companies, facilities, or staff will not send out job offers with known phishing templates.


If you have received any message similar to the one listed above, please forward it with its headers tosecurity@umbc.edu. For instructions, visit https://wiki.umbc.edu/pages/viewpage.action?pageId=1867970.


______________________________________________________________________________________________________________________________________

Receive any suspicious emails?

Forward it to security@umbc.edu along with the email headers. For instructions, visit https://wiki.umbc.edu/pages/viewpage.action?pageId=1867970.


Follow us on myUMBC:https://my3.my.umbc.edu/groups/itsecurity.



]]> Recently, UMBC’s Division of Information Technology (DoIT) received a report of a new phishing campaign. The actors compromised Professor Kang's account and sent out a job phishing scam.... https://beta.my.umbc.edu/api/v0/pixel/news/118656/guest@my.umbc.edu/8a50f5a713481d18315fd4ae94aa949c/api/pixel notice IT Security - DoIT Cybersecurity Assurance and Digital Trust https://beta.my.umbc.edu/groups/itsecurity https://assets1-beta.my.umbc.edu/images/avatars/group/7/xsmall.png?1777162216 https://assets4-beta.my.umbc.edu/images/avatars/group/7/original.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xxlarge.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xlarge.png?1777162216 https://assets4-beta.my.umbc.edu/images/avatars/group/7/large.png?1777162216 https://assets4-beta.my.umbc.edu/images/avatars/group/7/medium.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/small.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xsmall.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xxsmall.png?1777162216 IT Security - DoIT 0 0 true Sun, 17 Apr 2022 21:04:34 -0400 Five Tips to Protect your UMBC Account Over the past weeks, Avoid Identity Theft - especially of your own Identity

Over the past weeks, we have seen an increase in compromised accounts. So, here at UMBC’s Division of Information Technology (DoIT), we thought it was imperative to share some tips on safeguarding your UMBC accounts.


  1. Change your password frequently, maybe once a year. Most of the community members at UMBC do not change their passwords yearly. If hackers try to compromise your account more than once over a specific period, they will have less chance of succeeding if you change your password frequently.

  2. Do not use the same password on multiple sites. If you are a victim of a data breach for one of these sites, the hackers now have your password for all those sites, your UMBC account included. After a breach, always update your password. To check if you were involved in a data breach, visit sites such as  https://haveibeenpwned.com/.  Also, given that the usual purpose of identity theft is the theft of something else (like money), keep an eye on your bank account and/or credit card activity.

  3. Do not share your password with anyone. When trying to keep your account secure, trust no one with our password.  “No one” means “NO ONE”. Not your parents, not your kid brother, not your significant other.  If someone else needs access to your financial information, please follow the directions at https://sbs.umbc.edu/payments/parent-pin-login/.

  4. Install DUO. DUO is a two-factor authentication available at UMBC to help protect your account. For more information, visit https://wiki.umbc.edu/display/faq/Two-Factor+Authentication+with+DUO. Two-factor authentication is currently one of the most effective and affordable ways to secure your UMBC (or any other) online account.

  5. Create strong passwords. Do not use the name of a person, organization or your favorite anime character.  Also,, use uppercase letters, lowercase letters, symbols, and numbers to strengthen your password.  

One method to create a strong password that you can remember is to  pick a song or a poem you like and take one line from it: “In the town where I was born, lived a man who sailed the seas …”  Take the first letter of the first ten words: “ittwiwblam”.  The lowercase ”i” looks like an upside-down exclamation point.  We need some uppercase, so how about “b” and “a”?  They are easy to remember since they come first in the alphabet.


Password:  !ttw!wBlAm  


After a few logins, your fingers will remember it without you having to think about it.









Hopefully, these five steps will help you secure your UMBC and other accounts. For more information about password security, visit https://www.openaccessgovernment.org/password-protection/102105/.


______________________________________________________________________________________________________________________________________

Receive any suspicious emails?

Forward it to security@umbc.edu along with the email headers. For instructions, visit https://wiki.umbc.edu/pages/viewpage.action?pageId=1867970.


Follow us on myUMBC:https://my3.my.umbc.edu/groups/itsecurity.



]]> Over the past weeks, we have seen an increase in compromised accounts. So, here at UMBC’s Division of Information Technology (DoIT), we thought it was imperative to share some tips on safeguarding... https://beta.my.umbc.edu/api/v0/pixel/news/118655/guest@my.umbc.edu/e1928f7374e69c2f2d0269fee945e278/api/pixel notice IT Security - DoIT Cybersecurity Assurance and Digital Trust https://beta.my.umbc.edu/groups/itsecurity https://assets1-beta.my.umbc.edu/images/avatars/group/7/xsmall.png?1777162216 https://assets4-beta.my.umbc.edu/images/avatars/group/7/original.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xxlarge.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xlarge.png?1777162216 https://assets4-beta.my.umbc.edu/images/avatars/group/7/large.png?1777162216 https://assets4-beta.my.umbc.edu/images/avatars/group/7/medium.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/small.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xsmall.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xxsmall.png?1777162216 IT Security - DoIT 0 0 true Sun, 17 Apr 2022 20:45:26 -0400 Job Phishing Alert: Department of Biological Sciences As Usual, The Job Sounds Really Good Except For Not Existing

Recently, the Division of Information Technology(DoIT) received multiple reports of a job phishing email. The scammers sending these emails are impersonating Professor Brewster of the Department of Biological Sciences. Below is an example of such an email. For privacy purposes, we removed the To field.

 

From: CAMPUS JOB <ecowas101@gmail.com>

Date: Wed, Mar 2, 2022 at 6:09 AM

Subject: UMBC Student Hiring

To:

 

 

The service of a student administrative assistant is urgently required to work part-time and get paid $315 weekly. Tasks will be carried out remotely and work time is 7hrs/week.

If interested, submit a copy of your updated resume and a functional whatsapp number to our Department of Biological Sciences via this email address to proceed.

 

Sincerely

Rachel Brewster

Associate Professor

Department of Biological Sciences 

Office: Biological Sciences Building, Room 480

Lab: The Brewster Lab

 



Please note that the Biological Sciences Department or Professor Brewster did not send this message. Three visible red flags in this email are:

  1. Whatsapp number.  A lot of scammers will ask for your WhatsApp number. If their number gets reported, they could easily create a new one. The same can be said for an email address; however, if their email is blocked, they will lose responses from other phishing email recipients. If you ever receive a job offer asking for a WhatsApp number or a phone number in general,  BE SUSPICIOUS!

  2. The email template. This template is very common. After a quick Google search, we found a few Job scams articles with the same template. So if you are ever in doubt, Google it! UMBC will not use a known phishing template to offer you a job opportunity.


For more information about phishing, visit:https://itsecurity.umbc.edu/critical/?id=98136.


If you have received any message similar to the one listed above, please forward it with its headers tosecurity@umbc.edu. For instructions, visit: https://wiki.umbc.edu/pages/viewpage.action?pageId=1867970.


______________________________________________________________________________________________________________________________________

Receive any suspicious emails?

Forward it to security@umbc.edu along with the email headers. For instructions, visit: https://wiki.umbc.edu/pages/viewpage.action?pageId=1867970.


Follow us on myUMBC:https://my3.my.umbc.edu/groups/itsecurity.




]]> Recently, the Division of Information Technology(DoIT) received multiple reports of a job phishing email. The scammers sending these emails are impersonating Professor Brewster of the Department... https://beta.my.umbc.edu/api/v0/pixel/news/117419/guest@my.umbc.edu/f390de02c26397833e8d81d142dd81b1/api/pixel notice IT Security - DoIT Cybersecurity Assurance and Digital Trust https://beta.my.umbc.edu/groups/itsecurity https://assets1-beta.my.umbc.edu/images/avatars/group/7/xsmall.png?1777162216 https://assets4-beta.my.umbc.edu/images/avatars/group/7/original.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xxlarge.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xlarge.png?1777162216 https://assets4-beta.my.umbc.edu/images/avatars/group/7/large.png?1777162216 https://assets4-beta.my.umbc.edu/images/avatars/group/7/medium.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/small.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xsmall.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xxsmall.png?1777162216 IT Security - DoIT 0 0 true Thu, 03 Mar 2022 15:12:54 -0500 Phishing Alert: “Available Position” More remote work scams!


 

Recently, the Division of Information Technology(DoIT) received multiple reports of a job scam phishing email. The scammers are offering a position as a Personal Assistant. Below is an example of the phishing email. We removed the To field for privacy purposes.


From: Student Careers <studentjobs@pantherz.net>

Date: Thu, Feb 17, 2022 at 7:10 AM

Subject: Available Position.

To:

 

 

Position: Personal Assistant/Part-Time (Work-Remotely)

Pay: 400.00 USD (Weekly)

Hours: 10 hours (Weekly Average)

 

Dr. Barbara B. Abrahams am currently looking for a Personal Assistant to provide personalized secretarial and administrative support in a well-organized and timely manner. You will work on a one-to-one basis on a variety of tasks related to manager’s working life and communication.

 

Ideally, I am looking for someone who has:

• Strong organizational skills with an ability to prioritize and manage competing deadlines

• Possess a high-level of professionalism and communicate in a formal manner (both verbally and written)

• Diary management skills

• Up to date with latest Google applications and calendar

• MS Office knowledge

• Well presented

 

Experience/Qualifications:

• MS Office and English proficiency

• Outstanding organizational and time management skills

• Up to date with latest Google applications and calendar

• Ability to multitask and prioritize daily reminders

• Eligible to work in USA

Interested in applying for the above position? Send a copy of your Resume/Cover Letter to dr.babhams@gmail.com.

 


Other than the usual red flags (spelling, spacing, and grammatical errors), another potential red flag is the email’s content. This email template is very common among scammers. After a quick Google search, we found a few Job scams articles with the same template. So, if you are ever in doubt about an email, Google it! Real job offers would not use a well-known phishing template when offering you a job opportunity. 



As usual, if you receive any similar messages, please forward them with the headers tosecurity@umbc.edu. For instructions, visit: https://wiki.umbc.edu/pages/viewpage.action?pageId=1867970.


______________________________________________________________________________________________________________________________________


Follow us on myUMBC:https://my3.my.umbc.edu/groups/itsecurity for the latest security updates.





]]>   Recently, the Division of Information Technology(DoIT) received multiple reports of a job scam phishing email. The scammers are offering a position as a Personal Assistant. Below is an example... https://beta.my.umbc.edu/api/v0/pixel/news/117088/guest@my.umbc.edu/9462e4cd0faf4fe5e73bdcbcf0268b14/api/pixel notice IT Security - DoIT Cybersecurity Assurance and Digital Trust https://beta.my.umbc.edu/groups/itsecurity https://assets1-beta.my.umbc.edu/images/avatars/group/7/xsmall.png?1777162216 https://assets4-beta.my.umbc.edu/images/avatars/group/7/original.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xxlarge.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xlarge.png?1777162216 https://assets4-beta.my.umbc.edu/images/avatars/group/7/large.png?1777162216 https://assets4-beta.my.umbc.edu/images/avatars/group/7/medium.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/small.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xsmall.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xxsmall.png?1777162216 IT Security - DoIT 1 1 true Mon, 21 Feb 2022 12:06:46 -0500 Mon, 21 Feb 2022 12:08:02 -0500 Job Scam Phishing Alert “Crypto Purchasing Assistant Needed" If it sounds too good to be true, it's too good to be true.

“Crypto Purchasing Assistant Needed - Apply if Interested"


 The Division of Information Technology(DoIT) recently received multiple reports of a job scam phishing message. The scammers are offering a position as  a Virtual Executive Assistant to purchase cryptocurrency. An example of the phishing email can be found below. We removed the To and From fields for privacy reasons.

 

From: 

Date: Mon, Feb 14, 2022 at 11:32 AM

Subject: Crypto Purchasing Assistant Needed - Apply if Interested

To:

Work as a Virtual Executive Assistant for Michael Bravo as a Crypto

Currency Purchasing

Assistant basically handling purchase and receiving payments when

purchase is required.

A maximum of an hour daily or maximum of five hours weekly work input

is required, the pay

will be two hundred dollars weekly with regular performance bonus and

benefits, you can work

remotely from your choice location.

The information required below is required for interested applicants.

 

NAME:

MOBILE:

ALTERNATIVE EMAIL:

 

Kindly forward details with a resume if available to

michael.bravo.paychex@gmail.com

 

Regards,

Katie Johnson

Publicity Manager.



Notice that the formatting seems off. The format of the email is a red flag for a potential scam. Spelling, grammatical errors, awkward wording or phrasing are some of the most suspicious details about phishing emails. This email contains such errors as well as random line breaks. An actual job offer will not have these kinds of mistakes. Always be suspicious of emails that are written similarly.



For more information about the red flags in phishing emails, visit:https://itsecurity.umbc.edu/critical/?id=98136.


If you have received any message similar to the one listed above, please forward it with its headers tosecurity@umbc.edu. For instructions, visit: https://wiki.umbc.edu/pages/viewpage.action?pageId=1867970.


______________________________________________________________________________________________________________________________________

Receive any suspicious emails?

Forward it to security@umbc.edu along with the email headers. For instructions, visit: https://wiki.umbc.edu/pages/viewpage.action?pageId=1867970.


Follow us on myUMBC:https://my3.my.umbc.edu/groups/itsecurity.

]]> “Crypto Purchasing Assistant Needed - Apply if Interested"  The Division of Information Technology(DoIT) recently received multiple reports of a job scam phishing message. The scammers are... https://beta.my.umbc.edu/api/v0/pixel/news/116915/guest@my.umbc.edu/e8af36803aca4c6d78da19087bff5946/api/pixel notice IT Security - DoIT Cybersecurity Assurance and Digital Trust https://beta.my.umbc.edu/groups/itsecurity https://assets1-beta.my.umbc.edu/images/avatars/group/7/xsmall.png?1777162216 https://assets4-beta.my.umbc.edu/images/avatars/group/7/original.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xxlarge.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xlarge.png?1777162216 https://assets4-beta.my.umbc.edu/images/avatars/group/7/large.png?1777162216 https://assets4-beta.my.umbc.edu/images/avatars/group/7/medium.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/small.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xsmall.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xxsmall.png?1777162216 IT Security - DoIT 0 0 true Tue, 15 Feb 2022 11:46:18 -0500 Job Scam Alert: Department of Psychology An Accidental Forward Keeps Us All On Our Toes The Division of Information Technology has received quite a few reports of a new job scam email coming from the Department of Psychology. It is very similar to others we have received in the past, and an example of the email has been copied below. Do not respond to this message. For privacy purposes, we have removed the To field.
---------- Forwarded message ---------
    From: Scott Brown 
    Date: Tue, Feb 8, 2022 at 9:10 AM
    Subject: UMBC STUDENTS HIRING
    To:
    
    The service of a student assistant is urgently required to
    work part-time and get paid $315 weekly. Tasks will be carried
    out remotely and work time is 7hrs/week. This position is
    available to both graduate and undergraduate students of the
    university.
    If interested, send a copy of your updated resume and a
    functional whatsapp number to our Department of Psychology via
    this email address to proceed further on the job
    roles/responsibilities. 
    
    Sincerely
    Anne E. Brodsky, Ph.D.
    Professor and Chair
    Department of Psychology
    Office: Math/Psychology 311
    Lab: Sondheim 508
In this case, the message was accidentally forwarded to a prominent mailing list, lending a slight bit of credibility. However, there are still some red flags in this message that should lead you to pause before responding.
  1. Scammers love to ask for your WhatsApp number, and prefer this message of communication. It is more anonymous, and if their number is reported or blocked, they can easily create a new one. The same can be said of the from address from this forwarded message: it appears to be a randomly generated address from Gmail rather than one from UMBC. Be suspicious whenever you see these signs.
  2. This email template is very common. We have even posted several stories right here for the same scam from different actors, and a quick Google search results in several other places with the same alerts.
For more information about phishing, visit https://itsecurity.umbc.edu/critical/?id=98136.

If you have received any message similar to the one listed above, please forward it with its headers to security@umbc.edu. For instructions, visit: https://wiki.umbc.edu/pages/viewpage.action?pageId=1867970.
]]> The Division of Information Technology has received quite a few reports of a new job scam email coming from the Department of Psychology. It is very similar to others we have received in the past,... https://itsecurity.umbc.edu https://beta.my.umbc.edu/api/v0/pixel/news/116708/guest@my.umbc.edu/b18a0153751c0f04571deb30c83b5942/api/pixel notice IT Security - DoIT Cybersecurity Assurance and Digital Trust https://beta.my.umbc.edu/groups/itsecurity https://assets1-beta.my.umbc.edu/images/avatars/group/7/xsmall.png?1777162216 https://assets4-beta.my.umbc.edu/images/avatars/group/7/original.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xxlarge.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xlarge.png?1777162216 https://assets4-beta.my.umbc.edu/images/avatars/group/7/large.png?1777162216 https://assets4-beta.my.umbc.edu/images/avatars/group/7/medium.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/small.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xsmall.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xxsmall.png?1777162216 IT Security - DoIT https://assets4-beta.my.umbc.edu/system/shared/thumbnails/news/000/116/708/7720ffbf9e78bcb531efd4ad9ea7cda5/xxlarge.jpg?1644347716 https://assets4-beta.my.umbc.edu/system/shared/thumbnails/news/000/116/708/7720ffbf9e78bcb531efd4ad9ea7cda5/xlarge.jpg?1644347716 https://assets3-beta.my.umbc.edu/system/shared/thumbnails/news/000/116/708/7720ffbf9e78bcb531efd4ad9ea7cda5/large.jpg?1644347716 https://assets2-beta.my.umbc.edu/system/shared/thumbnails/news/000/116/708/7720ffbf9e78bcb531efd4ad9ea7cda5/medium.jpg?1644347716 https://assets4-beta.my.umbc.edu/system/shared/thumbnails/news/000/116/708/7720ffbf9e78bcb531efd4ad9ea7cda5/small.jpg?1644347716 https://assets3-beta.my.umbc.edu/system/shared/thumbnails/news/000/116/708/7720ffbf9e78bcb531efd4ad9ea7cda5/xsmall.jpg?1644347716 https://assets3-beta.my.umbc.edu/system/shared/thumbnails/news/000/116/708/7720ffbf9e78bcb531efd4ad9ea7cda5/xxsmall.jpg?1644347716 1 0 true Tue, 08 Feb 2022 14:16:16 -0500 Tue, 08 Feb 2022 14:18:43 -0500 Job Phishing Alert: Department of Biological Sciences An Example of Red Flags In A Phishing Message

Recently, the Division of Information Technology(DoIT) received multiple reports of a job phishing email. The scammers sending these emails are impersonating Professor Mendelson of the Department of Biological Sciences. Below is an example of such an email. For privacy purposes, we removed the To field.

 

From: Majoro Diarra Stanley <majorodstanley@gmail.com>

Date: Wed, Oct 27, 2021 at 6:07 PM

Subject: REMOTE JOB OFFER

To:



The services of a student administrative assistant is urgently required to work part-time in Mendelson Laboratory and get paid $300 weekly. Tasks will be carried out remotely and work time is 7 hours/week.

If interested, send a copy of your updated resume and a functional whatsapp number to Mendelson Laboratory via this email address to proceed with the job description/responsibilities.

 

Sincerely

Tamra Mendelson

Professor, Biological Sciences

Department of Biological Sciences

University of Maryland, Baltimore County

Office: Biological Sciences 426

Lab: Mendelson Lab BS 402/427/428



Please note that the Biological Sciences Department or Professor Mendelson did not send this message. Three visible red flags in this email are:

  1. The From address is not a UMBC email. If the Biological Sciences Department or Prof. Mendelson were sending this email, the From address would have been a UMBC email address. However, it was sent from <majorodstanley@gmail.com>, which is not a UMBC affiliate. Please note that it could have been spoofed, even if it appears to originate from a UMBC email. Therefore, always check with DoIT(security@umbc.edu) or email/contact the impersonated person on a completely different email when you see a conflict in the address.

  2. Whatsapp number.  A lot of scammers will ask for your WhatsApp number. If their number gets reported, they could easily create a new one. The same can be said for an email address; however, if their email is blocked, they will lose responses from other phishing email recipients. If you ever receive a job offer asking for a WhatsApp number or a phone number in general,  BE SUSPICIOUS!

  3. The email template. This template is very common. After a quick Google search, we found a few Job scams articles with the same template. So if you are ever in doubt, Google it! UMBC will not use a known phishing template to offer you a job opportunity.


For more information about phishing, visit:https://itsecurity.umbc.edu/critical/?id=98136.


If you have received any message similar to the one listed above, please forward it with its headers tosecurity@umbc.edu. For instructions, visit: https://wiki.umbc.edu/pages/viewpage.action?pageId=1867970.


______________________________________________________________________________________________________________________________________

Receive any suspicious emails?

Forward it to security@umbc.edu along with the email headers. For instructions, visit: https://wiki.umbc.edu/pages/viewpage.action?pageId=1867970.


Follow us on myUMBC:https://my3.my.umbc.edu/groups/itsecurity.




]]> Recently, the Division of Information Technology(DoIT) received multiple reports of a job phishing email. The scammers sending these emails are impersonating Professor Mendelson of the Department... https://beta.my.umbc.edu/api/v0/pixel/news/115555/guest@my.umbc.edu/79db6b5e7e5828bb7eda3580d6639140/api/pixel notice IT Security - DoIT Cybersecurity Assurance and Digital Trust https://beta.my.umbc.edu/groups/itsecurity https://assets1-beta.my.umbc.edu/images/avatars/group/7/xsmall.png?1777162216 https://assets4-beta.my.umbc.edu/images/avatars/group/7/original.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xxlarge.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xlarge.png?1777162216 https://assets4-beta.my.umbc.edu/images/avatars/group/7/large.png?1777162216 https://assets4-beta.my.umbc.edu/images/avatars/group/7/medium.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/small.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xsmall.png?1777162216 https://assets1-beta.my.umbc.edu/images/avatars/group/7/xxsmall.png?1777162216 IT Security - DoIT 1 0 true Tue, 07 Dec 2021 14:53:07 -0500