The online e-mail phishing and spear-phishing scams appear every couple of weeks it seems and are increasing in frequency. The two favorite scams are to spoof e-mails from department directors (or even the VPAA, or CTO, or President's office) to direct reports asking for a "favor". The scam is to try and get you to either purchase gift cards or some other financial related transaction as the "favor". The other scam is to offer a "job" and pay you to attach an advertisement to your vehicle and drive around town with it. Both are bogus.
What to do:
- If you get an obvious scam the easiest thing to do is delete it.
- If you get a blackmail e-mail – do not reply. Delete it or send to firstname.lastname@example.org if you are concerned. We will report the abuse to the domain site and if need be contact law enforcement.
- If you get an e-mail that lists a password that you have used before, make sure that the password listed is not one you are using anywhere. If you are, change it to be safe.
- Do not use the same password for both personal accounts and TLU credentials. Make it harder for a hacker to gain access to all of your data.
- If you get an e-mail from someone you know that seems out of character, question it. Rather than reply (since that will go to the scammer), send a new message to the person asking them if it was legitimate. We have seen a lot of spoofed messages that were not really sent by the sender listed.
Finally, as a reminder, TLU IT will never ask you for your password over e-mail or by clicking any link or to renew or activate anything via an email link. So if you get an e-mail asking for that , no matter how official looking it is, it is a scam. Thanks for staying vigilant and helping keep TLU secure!