Posted February 24, 2016 by Academic and Institutional Technology
Tags: Phishing Attempts
Phishing Alert | "Recruiting Department"
Students recently received an email claiming to be from the Wheaton College Recruiting Department. The email claims that a job offer is trending and tells the reader to follow a link to read more. This link leads to a page where students are asked to provide personal information.
This email is a phishing attempt. We worked with the site administrators of the fraudulent webpage in the email, and the page has been removed. Thank you to the students who reported this scam.
Spotting Phishing Attempts
The image above is a screenshot of this phishing attempt. Several things indicate that this email is not what it claims to be:
- The email claims to be from "WHEATON COLLEGE," but the actual email address is a Gmail account. Official emails from a Wheaton College address would come from an @wheaton.edu or @my.wheaton.edu account.
- The subject line is in all caps and is very non-specific. While subject lines like this don't always indicate a phishing attempt, it's still a sign to be more cautious than usual.
- The people who put together this scam included the College logo to seem more legitimate. If a person simply skimmed the email and saw the logo, they might not notice the other warning signs of a scam.
- The email is addressed to "Selected Student" and says that the recipient was specifically selected for this job offer. If someone had actually selected a specific person to receive an email, they should also be able to include that person's name.
- Numerous grammatical mistakes indicate that this is not the official College email it claims to be.
- Check to see if the URL matches the supposed sender. You can often hover over links to see the URL. This email claimed to be from Wheaton College, but the link directed people to a non-Wheaton website.
- A legitimate email from any institution should include contact information such as an email address and phone number. If you don't see that, it's often because the sender is only pretending to be affiliated with a company or college.
If you have any questions, please email us at firstname.lastname@example.org or call 630.752.4357 (HELP).