The Division of Information Technology (DoIT) are continuing to receive reports of new variants of a job scam claiming to offer a part-time job as an Administrative Assistant at UMBC. Below is an example of one of these variants where the scammer is impersonating Dr. Abigail Granger.

The message above is being sent from a Gmail account <talktosharoldiaz@gmail.com>, not Dr. Abigail Granger’s or any official UMBC account. In addition, the email claims to offer a job at UMBC, but asks the recipients to use text messaging which leaves no record of the communication in UMBC systems. If you receive this email or anything similar, please do not respond.

What to do now?

If you do receive this or a similar scam, please DO NOT respond any further or click on any URLs. If you have provided any banking or financial information, please notify your bank or financial institution immediately. If you have been sent a check, you should not attempt to cash or deposit it. If you have deposited a check already, please contact your bank and tell them that it may be part of a scam.

Whether you responded to the scam or not, please forward the message (with the email headers) to security@umbc.edu. We will also keep track of any other information you submit about the scammers, such as their phone numbers. If you were sent a check or other materials, please send pictures of it and the envelope they came in.

How do I forward full email headers?

https://wiki.umbc.edu/pages/viewpage.action?pageId=1867970 

To read more articles published by DoIT Security please visit: 

https://itsecurity.umbc.edu/critical/?tag=notice.    

https://itsecurity.umbc.edu/home/covid-19-news/?tag=covid19  

The Division of Information Technology (DoIT) continues to receive reports of new variants of phishing emails claiming to offer a part-time job as an Administrative Assistant at UMBC.

Here is an example of the latest variant of this scam email:

From: Dr Jeremy <barry01d1@gmail.com>

Date: Tue, Mar 23, 2021 at 12:55 PM

Subject: UMBC Student Job

To:

University of Maryland, Baltimore County is seeking 

a Research Administrative Assistant /services of a 

competent Computer Science Student, Administrative Assistant 

to work Part-time and get paid $350 weekly. Tasks will be 

carried out remotely. If interested, Do text your name to 

(443) 437-4263 so as to proceed

Best Regards,

Dr Jeremy Dixon

Information Technology & Engineering, 

Room 325J

This email was sent from a Gmail account, not from Dr. Dixon’s or any official UMBC account. In addition, like previous versions of this scam, the email claims to offer a job at UMBC, but asks the victim to use text messaging which leaves no record of the communications in UMBC systems. If you receive this email or anything similar, do not respond.

What to do now?

If you do receive this or a similar scam, please DO NOT respond any further or click on any URLs. If you have provided any banking or financial information, please notify your bank or financial institution immediately. If you have been sent a check, you should not attempt to cash or deposit it. If you have deposited a check already, please contact your bank and tell them that it may be part of a scam.

Whether you responded to the scam or not, please forward the message (with the email headers) to security@umbc.edu. We will also keep track of any other information you submit about the scammers, such as their phone numbers. If you were sent a check or other materials, please send pictures of it and the envelope they came in.

How do I forward full email headers?

https://wiki.umbc.edu/pages/viewpage.action?pageId=1867970 

To read more articles published by DoIT Security please visit: 

https://itsecurity.umbc.edu/critical/?tag=notice.  

https://itsecurity.umbc.edu/home/covid-19-news/?tag=covid19 

The Department of Information Technology (DoIT) has been receiving reports of phishing emails claiming a part-time job as a temporary research aide. The scammer is impersonating Professor Robert Carpenter. Below is an example of this scam:

Although this email looks to be sent from a UMBC account, it can be seen within the email headers that the reply-to is <bobc.umbc.edu@gmail.com> and the return path to <pastors@salemfullgospel.com>. 

In addition, the email is claiming to offer a job at UMBC as a temporary research aide. The email is asking recipients to respond with their personal information, for example their full name, cell phone number and alternate email address. If you receive this email or anything similar, please do not respond.

What to do now?

If you do receive this or a similar scam, please DO NOT respond any further or click on any URLs. If you have provided any banking or financial information, please notify your bank or financial institution immediately. If you have been sent a check, you should not attempt to cash or deposit it. If you have deposited a check already, please contact your bank and tell them that it may be part of a scam.

Whether you responded to the scam or not, please forward the message (with the email headers) to security@umbc.edu. We will also keep track of any other information you submit about the scammers, such as their phone numbers. If you were sent a check or other materials, please send pictures of it and the envelope they came in.

How do I forward full email headers?

https://wiki.umbc.edu/pages/viewpage.action?pageId=1867970 

To read more articles published by DoIT Security please visit: 

https://itsecurity.umbc.edu/critical/?tag=notice.    

https://itsecurity.umbc.edu/home/covid-19-news/?tag=covid19  

Below is an example of a job scam reported to the Department of Information Technology (DoIT). The scammer, impersonating Career Center, is using a fake/spoofed email address <career-services@umbc.edu> that might look similar to Career Center’s real email <careers@umbc.edu>, but can also be easily differentiated by comparing the two.

In the example above, the scammer is trying to impersonate the Career Center of UMBC to offer users a part-time job. The email claims that users must contact the sender at the provided “gmai.coml” address to get the job. The job offer is fake. The message is a scam.  Please do not reply to this or any similar email. 

This message does show some red flags that suggest phishing: poor grammar, incorrect punctuation and a gmail.com address instead of a UMBC email address. Notice how words like “which” is capitalized after a comma. This is not the type of grammar, punctuation or capitalization most would expect from a professional email. Further, no legitimate organization will tell you to respond to a “gmail.com” account to show your interest in the job.

The sender’s fake email address also can be easily differentiated from the Career Center’s real email address :

Scammer Email Address:  <career-services@umbc.edu>

UMBC Career Center’s Actual Email Address: <careers@umbc.edu> 

What to do now?

If you do receive any of these scams shown above or a similar scam, please DO NOT respond any further or click on any URLs. If you have provided any banking or financial information, please notify your bank or financial institution immediately. If you have been sent a check, you should not attempt to cash or deposit it. If you have deposited a check already, please contact your bank and tell them that it may be part of a scam.

Whether or not you responded to the scam, please forward the message (with the email headers) to security@umbc.edu. We will also keep track of any other information you submit about the scammers, such as their phone numbers. If you were sent a check or other materials, please send pictures of it and the envelope they came in.

How do I forward full email headers?

https://wiki.umbc.edu/pages/viewpage.action?pageId=1867970 

To read more articles published by DoIT Security please visit: 

https://itsecurity.umbc.edu/critical/?tag=notice.  

https://itsecurity.umbc.edu/home/covid-19-news/?tag=covid19

Phishing emails, spoofing and forgery schemes have found a hunting ground for cyber attacks within institutes of higher education just like UMBC. Below are some reasons why universities are appealing targets. If you would like more information please see the original article linked below.

Why Target Universities?

• Access to personal data. To a cyber criminal universities are goldmines of information. Universities’ databases contain personal details of thousands of students and staff including names, address, phone numbers, data of birth, social security numbers, driver’s licence numbers, financial information and medical records.

• Access to research. Many universities have cutting-edge research and development departments that may even be funded by the US government. This research information may be valuable to foreign nations meaning that many hackers want to get their hands on the research.
  
  

• Lack of security. Universities allowing students and faculty to bring their own devices onto campus makes it much more difficult to track down and contain any malicious softwares that may enter the network.
  
  

• Budget constraints. Universities have a goal of attracting new students and one way this can be done is by controlling tuition cost. Cybersecurity is a lower priority as most potential students are not likely to decide on a university based on the schools security and privacy practices.
  
  

• Transient nature of universities. Every university has a constant changing population. With each new batch of students or faculty there would be those who are unfamiliar with security policies and procedures.

Examples

One of the phishing schemes involves scammers attempting to gain access to students’ federal student aid (FSA). The attack begins with a phishing email. For example, the message may notify the recipient of a fake university bill that can be paid through the portal. 

These attacks will usually threaten late fees to increase the urgency. Once the attacker has access to the student’s portal, they’ll change the student’s direct deposition destination so that the money is sent directly to the attacker.

Another phishing tactic is the fake job offer. Scammers will recruit students for a fake job. Students who respond to the phishing scams are sent a counterfeit check with instructions to deposit it and to send back a portion to the scammer immediately by writing a check on their own funds. 

After the money is sent back to the scammer, the bank will notify the student that the original check is a fraud and that the student has lost the money they sent.  The is no way to recover these funds.

How to Stay Protected

• Using 2 factor authentication to add another layer of security. UMBC offers 2-step authentication through DUO. For more information on DUO please see https://wiki.umbc.edu/display/faq/Two-Factor+Authentication+with+DUO.  

• Navigating directly to the source rather than clicking a link or opening an attachment within an email or text.

• Looking for typos and errors. 

• Making note if the email is giving a sense of urgency.  Any wording that seems intended to frighten or upset the reader is an attempt to encourage action without thought.

What to do if you receive a phishing email?

If you do receive an email that you believe is a scam, please DO NOT respond any further or click on any URLs. If you have provided any banking or financial information, please notify your bank or financial institution immediately. If you have been sent a check, you should not attempt to cash or deposit it. If you have deposited a check already, please contact your bank and tell them that it may be part of a scam.

Whether or not you responded to the scam or not, please forward the message (with the email headers) to security@umbc.edu. We will also keep track of any other information you submit about the scammers, such as their phone numbers. If you were sent a check or other materials, please send pictures of it and the envelope they came in.

How do I forward full email headers?

https://wiki.umbc.edu/pages/viewpage.action?pageId=1867970 

To read more articles published by DoIT Security please visit: 

https://itsecurity.umbc.edu/critical/?tag=notice.  

https://itsecurity.umbc.edu/home/covid-19-news/?tag=covid19 

For more information please read:

https://www.clearedin.com/blog/phishing-emails-target-universities 

Yes, The Offer Really IS Too Good To Be True. 

Below is an example of a job scam reported to the Department of Information Technology (DoIT). The scammer, impersonating one of several faculty members, is using a compromised UMBC account or a Gmail account to send the fake offers. Please note that the name of the from address in the sample below  has been removed for privacy reasons.

In the example above, the scammer is trying to impersonate a member of UMBC staff and to offer users a part-time job. The email claims that users must contact the sender at the provided phone number to get the job. The job offered in this email though is fake and the message a scam, please do not reply to this or any similar email.

This message does show some red flags that suggest phishing: poor grammar and misplaced capitalization. Notice how words like “also” and “do” are capitalized after a comma. This is not the type of grammar or capitalization most would expect from a professional email.

What to do now?

If you do receive any of these scams shown above or a similar scam, please DO NOT respond any further or click on any URLs. If you have provided any banking or financial information, please notify your bank or financial institution immediately. If you have been sent a check, you should not attempt to cash or deposit it. If you have deposited a check already, please contact your bank and tell them that it may be part of a scam.

Whether or not you responded to the scam, please forward the message (with the email headers) to security@umbc.edu. We will also keep track of any other information you submit about the scammers, such as their phone numbers. If you were sent a check or other materials, please send pictures of it and the envelope they came in.

How do I forward full email headers?

https://wiki.umbc.edu/pages/viewpage.action?pageId=1867970 

To read more articles published by DoIT Security please visit: 

https://itsecurity.umbc.edu/critical/?tag=notice.  

https://itsecurity.umbc.edu/home/covid-19-news/?tag=covid19

The Maryland Department of Transportation (MDOT) warns of a text message from “Maryland-MDot Urgent” which addresses “MDot Customers.” This message was NOT from MDOT. This message contains a link that will ask for your personal information. MDOT will not ask you to enter your personal information in such a manner. This message is SPAM. It has been reported to the MDOT’s IT Department.

If you receive this text message: DO NOT click on the link. DELETE the message!

If you have clicked on the link: Please visit the Maryland Attorney General’s ID Theft page: https://www.marylandattorneygeneral.gov/Pages/IdentityTheft/default.aspxfor information on identity theft and ways to protect against identity theft.

Received any suspicious emails or messages? Please send them to security@umbc.edu

To read more articles published by DOIT visit: https://itsecurity.umbc.edu/critical/?tag=notice

This Is REAL. Acclaim is the company subsidiary of Credly who is handing out UMBC digital badges.

As a part of UMBC’s ongoing effort to protect our data and computing environment, the Division of Information Technology (DoIT) developed a cybersecurity training course. This course will help ensure that community members know the risks posed by the sensitive information we work with, common threats to the campus, and ways to report suspicious activity.

The training is required by the University System of Maryland and the Maryland Office of Legislative Audits and everyone who has completed the training is going to be receiving Employee Cybersecurity Awareness digital badges from Acclaim. Acclaim is the company subsidiary of Credly who is handing out UMBC digital badges.

If you found the email (from an organization you were not familiar with) asking you to click on a link (that made no sense to you) to be suspicious, please know that we applaud your instincts.  By all means, continue to be suspicious of unsolicited email asking you to do things for no reason you understand. We thank those members of the UMBC community who have brought this message to our attention. 

In this case, the message is not a form of phishing or otherwise malicious..

You may click on the “Accept your badge” button if you wish to claim your badge. These digital badges are used to showcase successful completion of training and cyber security awareness  on most professional networking sites like LinkedIn. 

As noted before, please continue to exercise caution in all your communications.  If  you receive any suspicious message, you can send it to us by forwarding it to security@umbc.edu.

The Division of Information Technology (DoIT) has been notified that a scammer is sending out phishing emails claiming to offer an interim personal assistant job. Please note that this offer is fake.  Below is an example of this job scam.

In the example above it can be seen that the email is sent from <Lynda.Box@anu.edu.au> and has the subject “University of maryland, baltimore county apply for spring winter p/t jobs work from school/home offer for students 2021”.  In standard English, of course, proper nouns are capitalized, as in “University of Maryland, Baltimore County”.

The phishing email itself claims to offer students a job as a  personal assistant. The scammer is asking that applicants respond by emailing their personal information.  If you have received this email please do not respond.

There are red flags in this phishing campaign that can help to alert users.. For one thing, the scammer is not giving an interview, even online.  This is a red flag as most jobs would want some sort of interview or meeting process before hiring anyone. Another red flag is that the email uses words like “highly important that you reply,” this gives the user a sense of urgency which frequently a part of phishing and job scam emails.

The terrible grammar and punctuation are also not what you would expect from a professor, providing another red flag.  It is also odd that the email is asking the users to respond to <boseannette85@gmail.com> instead of to Prof. Bonner, the actual sender in the from address.

This job scam is similar to another phishing campaign that the DoIT has been notified of. This other scam comes from a <DJ2205831@pusdk12.org>. For more information on that scam please see the link here (https://itsecurity.umbc.edu/critical/?id=98456).

What to do now?

If you do receive any of these scams shown above or a similar scam, please DO NOT respond any further or click on any URLs. If you have provided any banking or financial information, please notify your bank or financial institution immediately. If you have been sent a check, you should not attempt to cash or deposit it. If you have deposited a check already, please contact your bank and tell them that it may be part of a scam.

Whether or not you responded to the scam, please forward the message (with the email headers) to security@umbc.edu. We will also keep track of any other information you submit about the scammers, such as their phone numbers. If you were sent a check or other materials, please send pictures of it and the envelope they came in.

How do I forward full email headers?

https://wiki.umbc.edu/pages/viewpage.action?pageId=1867970 

To read more articles published by DoIT Security please visit: 

https://itsecurity.umbc.edu/critical/?tag=notice.  

https://itsecurity.umbc.edu/home/covid-19-news/?tag=covid19

Below is an example of a job scam email offering a fake internship opportunity. In the example below the name of the sender has been removed for privacy reasons.

The job scam email above has the subject “HOME BASED INTERNSHIP!” and is coming from a UMBC email address. The email claims to offer an internship opportunity to users.  Please note that this internship is not real.  It is a scam. 

Even though the email is coming from a UMBC address, it is a bit odd that the message is asking users to send a résumé to <isabelmontemayor59@gmail.com>. This should be a red flag to users to help identify a phishing email.

What to do now?

If you do receive any of these scams shown above or a similar scam, please DO NOT respond any further or click on any URLs. If you have provided any banking or financial information, please notify your bank or financial institution immediately. If you have been sent a check, you should not attempt to cash or deposit it. If you have deposited a check already, please contact your bank and tell them that it may be part of a scam.

Whether or not you responded to the scam, please forward the message (with the email headers) to security@umbc.edu. We will also keep track of any other information you submit about the scammers, such as their phone numbers. If you were sent a check or other materials, please send pictures of it and the envelope they came in.

How do I forward full email headers?

https://wiki.umbc.edu/pages/viewpage.action?pageId=1867970 

To read more articles published by DoIT Security please visit: 

https://itsecurity.umbc.edu/critical/?tag=notice.  

https://itsecurity.umbc.edu/home/covid-19-news/?tag=covid19