Phishing Alert: Read this message

Read this message phishing emailYou may have received an email earlier today that appeared to come from someone you know. The subject of the email message varies, but they all have button stating “Read this message.” This is a phishing email and is not legitimate.  Please delete this message.  If you clicked on the link, please contact the IT Help Desk at 214-768-HELP or 214-768-4357 immediately.

Thank you for your continued diligence in exercising caution with suspicious emails.

New gift card phishing scam using fake supervisor email addresses

As we begin the Spring semester, we would like to remind you to be diligent in watching for phishing emails. Over the last several weeks, OIT has been notified by a number of faculty and staff members who have received messages that appear to come from supervisors. The email will urgently request that the individual purchase a gift card (Walmart, iTunes, etc.). The emails have used an external email address like supervisors.name@gmail.com instead of their SMU email address.

The phisher will request that the gift card numbers and pin need to be emailed or texted to the supervisor. These scammers do their research to get the name of the boss and details of his/her employees. Tracing their source is very difficult.

Don’t be fooled!

Below is the sample email exchange in chronological order. Never comply with a request like this and always confirm either in person or with a phone call with the supervisor to make sure this is not a scam. In the example exchange below, Sally ABC is the chair of the Alternative History department of “univ.edu” and was spoofed by the bad guys. Dave XYZ is Sally ABC’s personal assistant.

From: Sally ABC<sally.abc@gmail.com>
To: Dave XYZ <dxyz@univ.edu>
Subject: Respond
There is something I need you to do. Can you get this done ASAP? I need couple of Walmart gift cards (worth $100) for some a giveaway for a student club. Please get the physical card from the store. I need to send them out in less than an hour. When you get the cards, scratch out the back to reveal the card codes, and email me the codes.
I am going into a meeting now with limited phone calls, so just reply my email.
Sally ABC
Sent from my iPad
-----------------------------
Subject: Re: Respond
From: Dave XYZ <dxyz@univ.edu>
To: Sally ABC<sally.abc@gmail.com>
Sally,
Find below the codes below:
Xxxxx 12234 xxxyyy
Abcde 12345 12344
Sent from my iPhone
------------------------

If you have any questions, please feel free to contact the IT Help Desk at 214.768.HELP (4357) or at help@smu.edu.

Phishing Alert: HSA Important Message Email

Phishing AlertSMU Human Resources has circulated a notice that several SMU employees were targets of a phishing campaign masquerading as the managing services for the University’s Health Savings Account (HSA). Unfortunately, the phishing incident occurred shortly before BenefitWallet sent legitimate direct emails about the member portal upgrade to SMU employees enrolled in an HSA.

Details from the original BenefitsU notice from HR is below: Continue reading Phishing Alert: HSA Important Message Email

Phishing Alert: Fraudulent DocuSign E-mail

Phishing AlertDocuSign, one of the document and signature management platforms SMU utilizes, recently reported a phishing campaign that attempts to mimic a DocuSign signature required notification e-mail. Here’s what they had to say:

DocuSign has observed a new phishing campaign that began the morning of May 16 (Pacific Time). The email comes from “dse@dousign.com” with the subject “Legal acknowledgement for <person> Document is Ready for Signature” and it contains a link to a malicious, macro-enabled Word document. We suggest you do not open this email, but rather delete it immediately.  If you have received the email and opened it, please change your password as soon as possible.

If you have received an e-mail like this, delete it immediately! If you clicked on any links or attachments in the e-mail, reset your SMU password immediately at smu.edu/password and call the IT Help Desk at 214-768-4357.

If you would like to be automatically informed about the latest security updates and alerts for DocuSign, please follow @askdocusign (DocuSign Support) on Twitter, where they will be posting notifications when the Trust Center is updated.

Phishing Alert: Fake Google Docs Share Requests

Phishing Alert

OIT has received multiple reports from the campus community as well as from Canvas Support regarding suspicious e-mails that appear to be a Google Doc sharing request. The message will contain “…has shared a document on Google Docs with you” or similar verbiage with a ‘hhhhhhhhhhhhhhhh@mailinator.com` or similar cc’d on the email.  Continue reading Phishing Alert: Fake Google Docs Share Requests