Phishing Attempts

Phishing Alert | “Memo From HR Department”

Posted August 4, 2017

Tags:



Effective Date: August 4, 2017

Some employees recently received an email claiming to be from the Wheaton College Human Resources Department. The email prompts the employee to open a hyperlink and view a message.

This email is a phishing attempt. Do not click the link. Thank you to all who reported this scam.

If you responded to this scam, please contact us at 630.752.4357 (HELP).

How to Spot a Phishing Attempt

20170804Phishing

The image above is a screenshot of this phishing attempt. Several things indicate that this email is not what it claims to be:

  1. Notice that the email is intentionally vague. This is an attempt make the target feel it is necessary to click the link for more information.
  2. Check to see if the URL matches the supposed sender. You can often hover over links to see the URL. This email claimed to be from the Wheaton College Human Resources Department, but the link directed people to an unrelated website.
  3. A legitimate email from Wheaton College should include contact information such as an email address and phone number for the department sending the email.

Always exercise caution when responding to emails. If you're not sure whether an email is a phishing attempt or not, contact us by email at ait.service.desk@wheaton.edu or call 630.752.4357 (HELP).

Phishing Alert | “Available Office Hours?”

Posted February 28, 2017

Tags:



Effective Date: February 28, 2017

Some employees recently received an email claiming to be coming to Wheaton College to buy unwanted textbooks. The email requests that the employee respond to the email with their availability and room number.

This is a phishing attempt. Do not respond. Thank you to all who reported this scam.

If you responded to this scam, please contact us at 630.752.4357 (HELP).

How to Spot a Phishing Attempt

Phishing170228 

 

The image above is a screenshot of this phishing attempt. Several things indicate that this email is not what it claims to be:

  1. The subject line is posed as a question, and is very vague. While subject lines like this don’t always indicate a phishing attempt, it’s still a sign to be more cautious than usual.
  2. The subject of the email is vague, which is unusual for an official email.
  3. A legitimate email from any institution should include contact information such as an email address and phone number. If you don’t see that, it’s often because the sender is only pretending to be affiliated with a company or college.

Always exercise caution when responding to emails. If you’re unsure whether an email is legitimate, contact us at ait.service.desk@wheaton.edu or call 630.752.4357 (HELP).

Phishing Alert | “CAMPUS SECURITY NOTIFICATION”

Posted February 14, 2017

Tags:



Effective Date: February 14, 2017

Some employees and students recently received an email claiming to be a security notification from Wheaton College Campus Security. The email includes a hyperlink to a protocol outline that the recipients are supposed to open.

This email is a phishing attempt. Do not click the link. Thank you to all who reported this scam.

If you responded to this scam, please contact us at 630.752.4357 (HELP).

How to Spot a Phishing Attempt

170214Phishing 

The image above is a screenshot of this phishing attempt. Several things indicate that this email is not what it claims to be:

  1. The email claims to be from the Wheaton College Campus Security Board, but was not sent from a @wheaton.edu email account.
  2. The subject line is in all caps. While subject lines like this don’t always indicate a phishing attempt, it’s still a sign to be more cautious than usual. All-caps are often used to provoke a sense of urgency that could override healthy caution.
  3. The email is very ambiguous about the alleged “recent security concern,” and prompts the recipient to follow the link to find more information.
  4. Check to see if the URL matches the supposed sender. You can often hover over links to see the URL. This email claimed to be from Wheaton College, but the link directed people to an unrelated website.
  5. A legitimate email from Wheaton College should include contact information such as an email address and phone number for the department sending the email.

Always exercise caution when responding to emails. If you're not sure whether an email is a phishing attempt or not, contact us by email at ait.service.desk@wheaton.edu or call 630.752.4357 (HELP).

Phishing Alert | “fraudulent card charge”

Posted February 9, 2017

Tags:



Effective Date: February 8, 2017

Employees recently received an email confronting them about an unknown credit card charge. The email directs the recipient to follow a hyperlink to view the sender’s bank statement and then respond to the email.

This email is a phishing attempt. Do not provide any information to the sender. Thank you to all who reported the scam.

If you responded to this scam, please contact us at 630.752.4357 (HELP).

How to Spot a Phishing Attempt

170208Phishing2 

The image above is a screenshot of the phishing attempt. Several things indicate that this email is not what it claims to be:

  1. The sending email address does not match the name at the bottom of the email.
  2. The subject line is written in all lower-case letters. While subject lines like this don’t always indicate a phishing attempt, it’s still a sign to be more cautious than usual.
  3. The subject of the is email poorly worded and contains numerous grammatical errors, as well as inappropriate language.
  4. The link may take the target to an actual statement, it may mine for personal information, or it may lead to a website that initiates a download of malware. It is never wise to click on any link in an unsolicited email, especially from a sender you do not know.

Always exercise caution when responding to emails. If you're not sure whether an email is legitimate, contact us at ait.service.desk@wheaton.edu or call 630.752.4357 (HELP).

Phishing Alert | “ASSISTANT PART TIME POSITION”

Posted February 9, 2017

Tags:



Effective Date: February 8, 2017

Some students recently received an email claiming to be a job offer. The email gives some details about the position and asks the student to respond with some personal information if they are interested.

This email is a phishing attempt. Do not provide any information to the sender. Thank you to all who reported the scam.

If you responded to this scam, please contact us at 630.752.4357 (HELP).

How to Spot a Phishing Attempt

170208Phishing 

The image above is a screenshot of the phishing attempt. Several things indicate that this email is not what it claims to be:

  1. The sending email address does not match the name at the bottom of the email.
  2. The subject line is in all caps. While subject lines like this don’t always indicate a phishing attempt, it’s still a sign to be more cautious than usual.
  3. The email is poorly worded and contains numerous grammatical errors.

People are more likely to give up information over time rather than all at once, so fake job scams like this one usually ask for more and more personal information as part of the "hiring process." After the target sends some information, the scammer often asks for photo ID or a Social Security number as proof of identity, or they will ask for banking information in order to "pay" the target. Always research a company or individual thoroughly when you apply for a job, and be wary of unsolicited job offers.

Always exercise caution when responding to emails. If you're not sure whether an email is legitimate, contact us at ait.service.desk@wheaton.edu or call 630.752.4357 (HELP)

Media Center