Below is another example of a phishing email campaign in which the malicious actor is claiming to be from Corestaff Services. The email below is the initial message sent out to victims to try and get to to respond with an alternate (non-UMBC) email address.
From: charlie putt <puttc10@gmail.com> Date: Mon, Aug 3, 2020 at 2:03 PM Subject: UMBC COVID-19 PART TIME JOB OFFER To: <@umbc.edu> Dear students,
University of Maryland health professionals have been closely monitoring the spread of COVID 19 over the past few months. Therefore the university is organizing an online part time job to sustain the students during the period of this pandemic. I'm happy to inform you that our reputable company CORESTAFF SERVICES Inc® is currently running a student empowerment program. KINDLY EMAIL BACK WITH YOUR PERSONAL EMAIL ADDRESS IF INTERESTED IN THIS JOB POSITION.
Kind Regards Charlie Putt HR Manager/Consultant CORESTAFF SERVICES Inc® |
Once the victim responds with their alternate email address, the scammer will then email that address claiming that the victim got the job and asking for more information. An example of what type of information and how it is formatted in the email is shown below.
NAME: PHYSICAL CONTACT ADDRESS (NOT PO BOX) CITY: STATE: ZIP CODE: BANK NAME: D.O.B: GENDER: MOBILE (Must be able to receive text) : PERSONAL EMAIL: CURRENT JOB: |
If the victim responds with their personal information, the scammer could start messaging the victim over text message and may send a fraudulent check to the victim’s postal address. If this happens to you, please do not try to deposit the check. A very similar scam is described here: https://itsecurity.umbc.edu/critical/?id=94549.
If you do receive this or a similar scam, please DO NOT respond any further or click on any URLs. If you have provided any banking or financial information, please notify your bank or financial institution immediately. If you have been sent a check, you should not attempt to cash or deposit it. If you have deposited a check already, please contact your bank and tell them that it may be part of a scam.
Whether or not you responded to the scam or not, please forward the message (with the email headers) to security@umbc.edu. We will also keep track of any other information you submit about the scammers, such as their phone numbers if you receive a text message from the scammer.
How do I forward full email headers?
https://wiki.umbc.edu/pages/viewpage.action?pageId=1867970
To read more articles published by DOIT visit: