Security Awareness and Phishing Scams
We have been warning about email Phishing scams for a long time, and while the situation has improved due to a combination of increased awareness, vigilance and improved technical countermeasures – Phishing remains a real threat.
There is currently an ongoing wave of phishing scam emails going around impersonating highly visible individuals on the campus, urgently requesting phone or account information from you. Use the context clues from the KnowBe4 security training to help identify these malicious emails, and ignore and delete them.
Common examples are:
- Urgent requests
- Requests for your or Purchase’s data (account information, phone numbers, student lists, etc..)
- The name on the email doesn’t match the actual email address
- Common grammar or spelling mistakes.
There will be an updated version of the Security Training offered in the Fall.
Example malicious email:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From: Ryan Nassisi <NotAPurchaseAccount@gmail.com> note it does not originate from a @Purchase.edu address
Sent: Friday, July 14, 2023 10:49 AM
To: Junor, Bill <bill.junor@purchase.edu>
Subject: Please note urgent request
–
Hello,
Kindly let me know if you have a free time right now, kindly reply with a number I can text you on. note urgent request for your data
Ryan Nassisi
Super important person of Campus Technology Services