Recently the DoIT has been notified of a job scam using a compromised UMBC email account to send out fake job offers. An example of the email (with the name of the sender removed for privacy) is shown below.
From: COMPROMISED ACCOUNT <@umbc.edu> Date: Thu, Aug 27, 2020 Subject: Offer To: You are eligible to apply for an opening as an Online Personal Assistant to Ryan Glenn, Investor Relations Paylocity. You will be working remotely and getting paid weekly. You will be required to work for a maximum of an hour daily or six hours weekly. Fill the required information if interested in this opportunity. Name: Physical Address: State: City: Zip Code: Phone #: Email: Alternate Email: A little about you and why you think you should be considered: Send replies to charlenabolinlyco21@gmail.com to apply. Warm Regards Charlena B Publicity Manager |
Please note that this phishing message is coming from a umbc email but the reply-to in the emails headers is set to <charlenabolinlyco21@gmail.com>. This means if the user responds to the email above they would not be responding to the umbc email, instead their email would be sent to the <charlenabolinlyco21@gmail.com>.
If you do receive this or any other email that you suspect is a scam, please do not click on any URL or reply. Either of those actions confirms to the sender that your email address is valid. Please forward the message (with the email headers) to security@umbc.edu.
How do I forward full email headers?
https://wiki.umbc.edu/pages/viewpage.action?pageId=1867970
To read more articles published by DOIT visit: