Share:

Phishing Scams on Upswing

by Randy Hollowell, IT Services

Please be aware that more phishing messages are making the rounds that appear to be from Miami department chairs, Deans or other campus leaders. These messages simply ask “Are you available on campus?”. If a person responds they'll get a follow-up message similar to: "I'm in a meeting right now and that's why I’m contacting you through here. I should have called you but phone is not allowed to be used during the meeting. I don't know when the meeting will be rounding off and I want you to help me out on something very important right away."Puffin fish swimming in the water

If a person responds again (or sometimes without a response) they'll get another message requesting the purchase of some kind of gift cards (iTunes, Amazon, Steam, etc.) and a note: "I need you to help me get iTunes Gift cards from the store, I will reimburse you back when I get back to the office."

Unfortunately, it is fairly easy to change the display name on an email, so that is why these messages appear to be from someone different than the sender. It is important that when getting a request for a time-sensitive thing, a "send me money/gift cards" request or a "minimal detail please click on this link" request, it is worth double-checking that the email address lines up with the display name.

It is also very difficult for the Information Security office to completely stop these messages, so folks need to be vigilant when receiving a message like this. Crafting a separate email or making a phone call are great ways to confirm if a message is legitimate or not. Just replying to the original scammer's message will often lead to the scammer confirming that the request is legitimate (which of course it is not).

It is also important to note that these attacks are often seasonal, so we're seeing an uptick around the time when it is plausible for someone to be looking to buy gift cards.

The Information Security Office recommends that if you receive a similar email, simply delete the message and do not reply, and do not open the message. If you have already responded to similar messages, and especially if you click any links in a similar message, please contact IT Help immediately. If you receive a message that is questionable please forward it to infosec@MiamiOH.edu, or you may contact IT Help at 513-529-7900.