Date Sent: Aug 2, 2022
Phishing Summary:
A faculty member from Western Illinois University had their email account information stolen by an attacker. The attacker then used this legitimate email address to masquerade as this person, phishing our Gettysburg College users. The attacker uses the words “Work Offer” to entice the user to use their curiosity against them. The attacker attached a PDF file to the email, which when clicked asked the recipient for more personal information to be sent in a reply. The goal of such phishes, is to trick users into sending money, credit card information and other personal information to the scammer.
Spotting the Phishing
Users should be asking themselves, “Why would this person from a university I’ve probably never heard of, be emailing me directly”? Users should always be skeptical of a message where there is no text within the body of the message. Since the email is blank, it is not being directed at you as a user. These attributes are usually sure-tell signs of a phishing attempt.
What should you do if you receive a Phishing Scam?
- Don't reply
- Don't click on any links
- Don't open any attachments
- Report as spam or immediately delete the email
What should you do if you accidentally clicked on any of the links?
- Immediately change your password, scan your device for viruses and contact the IT Helpdesk or by calling 717.337.7000