Below is an example of a scam email that has recently been reported to DoIT. The email below the scammer tries to impersonate a member of the UMBC by setting the From email name to that of a UMBC email user. The name has been removed for privacy reasons.
From: FORGED NAME <hya270926@gmail.com> Date: Tue, Sep 15, 2020 Subject: UMBC Student Government Association To: <@umbc.edu> Hello <Users Name>, How are you doing today, I hope this finds you well? Are you currently free? Please I need you to handle a request on my behalf, If yes, email me at the earliest opportunity. Regards FORGED NAME |
This recent phishing attempt has the scammer trying to impersonate a member of the UMBC. These emails are a bit more personalized with the scammer saying “Hello <Users Name>” as well as having the impersonated name at the bottom of the email in the email’s signature.
This email does show some red flags of being a phishing email. First, the email itself is coming from a Gmail account and not a UMBC email account. Second, the email itself has a sense of urgency, urging the user to respond at the “earliest opportunity.”
If you do receive this or a similar email that you suspect is a scam, please do not click on any URL or reply. Either of those actions confirms to the sender that your email address is valid. Please forward the message (with the email headers) to security@umbc.edu.
How do I forward full email headers?
https://wiki.umbc.edu/pages/viewpage.action?pageId=1867970
To read more articles published by DOIT visit:
https://itsecurity.umbc.edu/critical/?tag=notice.
https://itsecurity.umbc.edu/home/covid-19-news/?tag=covid19