We are currently experiencing a number of reports of an email about a work opportunity: this is a phishing campaign targeting students. Our team has put measures in place to reduce the influx of these messages, but if you do receive one, please do not respond.
In this particular sample, the scammers put the whole email in a PDF document to evade the spam filter. Please see the FTC’s Anatomy of a fake check scam for more information about these types of fake check scams.
Please remember that SMU OIT will NEVER ask you to verify your account information, provide your password or any personal information via email. Do not respond to any emails requesting this information. If you are still unsure, contact the IT Help Desk (help@smu.eduor 214-768-HELP), and they will be happy to verify the legitimacy of the message. For more information about reporting spam or phishing, please visit http://smu.edu/spam.
Thank you for your diligence in helping to protect your accounts and SMU information.
What if I replied?
If you have replied to the request, we recommend contacting the IT Help Desk. They have a standard procedure for these issues. You will be assisted through the process of a password reset and verifying your account for malware.
We also recommend changing passwords for your SMU and on your personal accounts, such as banking or others. If the site offers two-factor authentication, you will want to enable it to reduce the sites from being susceptible to compromise.
On your personal computer, it is also recommended you run an antivirus/malware scan. CylancePROTECT, the same software used to safeguard the University’s computers, is available for a nominal charge. If you are looking for something more economical, a free version of Malwarebytes is available at www.malwarebytes.com.
Updated 02/07/2020: Provide information about remediation if the user had replied to the message.
