Hello,

 

The email below was reported to the ITS Security team in early September, however, there are still a number of victims being scammed by this email.  A UNK email account was compromised, and used to send to mostly students to entice them to respond to earn money advertising a company while driving their car.   Some students have fallen victim, and are just now finding out it was a scam.  When you send a message to the email provided ([log in to unmask]), you would be advised that this would be a job advertising the upcoming Olympic Games.   “Frank Anderson” was the name utilized and a phone number was given.  “Frank” told the victim they would receive a check and get paid, to use the money to pay to get the advertising on their car.  The check took over a month to be received, and it was for an amount over $3,000.  However, when the check is cashed, the check is fraudulent, and the victim sends a check to the company to get the advertising for their car ordered.  The check received from “Frank” comes back as fraudulent, but the victim has already sent a different check and is out the money.

 

If you contacted [log in to unmask] and are either waiting on a check, or have received a check, please be aware this is a SCAM and do NOT attempt to cash the check.  If you received the check, contact UNK Police. 

 

When receiving job offers through email unsolicited, always be skeptical.  Work directly with the organization.  If they are a well-known organization, they typically will have their own email domain and not use @gmail.com.  In the case of the email below, some attempts were made to validate the email, but the thief was very clever in this attempt.  If you are uncertain if an email is a scam/hoax or phishing attempt, reach out to IT support to help.

 

 

 

Report Phishing

We appreciate everyone reporting the phish email to the security team.

  1. If you are a university faculty or staff member, and use Outlook, you should be able to report the email through the REPORT PHISH button.
  2. If you do not have the REPORT PHISH button, send an email to [log in to unmask].

 

Protect Yourself from Phishing Emails

As we approach the holiday season, be on the lookout for other types of phish emails. Scam and phish emails are being generated more often, and generally is using a compromised email account, or may include an “imposter” email address that makes it look like it is coming from a person you know. 

 

Never click on a link or open an attachment unless you KNOW the link/attachment is safe.

This means you might need to call or text the person who sent you the link/attachment and make sure they were the ones to send the email.

 

Have you been tricked?

If you were tricked into clicking on the link and you attempted to login, please change your password immediately and contact your Help Desk/Center (contact info below) to make sure your account is secured.

 

We appreciate everyone’s help getting the word out about this scam.

 

Thank you!

 

UNK ITS Helpdesk 308-865-8363
UNL ITS Help Center 402-472-3970
UNO ITS Help Desk 402-554-4357

 

Cheryl O’Dell, CISSP, GCFE

Incident Response Manager

Cybersecurity & Identity|ITS|

501 127H, 68588-0203

University of Nebraska |nebraska.edu

Kearney|Lincoln|Omaha

402-472-7851 (o)