Bank Transfer with encrypted attachment

Uncategorized

Why this looks valid

  • The email appears to be from from Vassar College
  • The email presents itself as a zipped excel document

Why this is phishing

  • The from address is not from Vassar.edu
  • The attachment is encrypted with the password in the text of the email
  • Vassar college will NEVER send bank transfer requests without director supervision to your inbox.
  • The Encrypted document is malicious and can be used to infect your computer.

Additional notes

“COVID-19 Benefits”

Phishing

 

Subject: FW: Covid-19 Benefits
To:

 

In response to the current hardship in the community due to the COVID-19 pandemic, the Employee Assistance Program has decided to support students and employees.

 

The Employee Assistance Program will pay $3,780.00 to all eligible students and employees, as COVID-19 benefits, starting from, Friday, April 29, 2022


Visit the COVID-19 SUPPORT HUB and login with your email to submit your application.

 

Note: This Benefits Program is available to all students and employees.

 

Sincerely, 

 

COVID-19 Support Team

Employee Assistance Program

 

Continue reading “COVID-19 Benefits”

Suspicious emails impersonating Vassar personnel

Fraud, News

In the last two days Catch of the Day has received multiple reports of suspicious email messages claiming to be from Vassar personnel.  All of these messages came from gmail.com, not from vassar.edu.  The messages ask the recipient one of the following:

  • What is your cellphone number?
  • Reply quickly; it is urgent and I need a favor
  • Are you available?

If you receive one of these messages, please email it to catchoftheday@vassar.edu and then delete it.  If you engage the sender, it will lead to a fraudulent financial transaction in which you may have funds stolen from you.

These emails are from a criminal who is trying to steal money by impersonating Vassar employees and targeting people within an individual’s department or organization.  The criminal tries to convince the recipients to purchase one or more gift cards and send back the redemption codes.  This is a common scam based on existing trust relationships among employees.  Remember to always double-check the “from” and “reply-to” addresses in email to verify the sender.  It is a good practice to contact the purported sender through a known phone number, or create a new email sent to the person’s vassar.edu email address to ask if the original request was authentic.  Also, if these messages are discovered in a Spam or Junk folder, it is reasonable to assume that the message is not a valid request from a Vassar College community member.

The reports we received specifically targeted department heads and supervisors.  The incoming email addresses were blocked as soon as they were brought to our attention, in order to prevent additional communication from the criminal.

Thank you for your attention and thank you as always for your timely reporting!  The diligence from our community members keeps all of us at Vassar College safe and secure.

NEWS: CIS has a new Service Status page!

News

Stay informed about information security alerts with the new CIS service status page!

Computing and Information Services has a new status page available at servicestatus.vassar.edu. The page displays information about all scheduled maintenance, outages, and information security alerts.

Make sure you subscribe to the services you use in your work and/or studies at the college and the information security category to stay informed about relevant maintenance, outages, and alerts. There are guides to help you get started at go.vassar.edu/statuspagehelp. More information about CIS communicates is available at computing.vassar.edu/communications.

If you have any questions or need additional assistance, please contact the CIS Service Desk at (845) 437-7224 or servicedesk@vassar.edu.

Beware of COVID scams! A message from Catch of the Day

News, Security Tip

Here at Catch of the Day we care about avoiding malicious emails that attempt to steal data or money, whether from Vassar College or from any individual associated with the college.  We don’t want anyone to suffer negative impacts from cybercriminals and all that they do!

We also care about avoiding scams that are not directly related to computing.  Ever since the COVID-19 pandemic started, cybercriminals have been taking advantage with some new and interesting ways to try to steal data and money.  It is important to be aware of all these scams and understand how to avoid them.

Here is a partial list of COVID-19 scams to watch out for:

  • Fake contact tracers – you may receive a call from someone who claims to be a contact tracer.  A contact tracer will only ask you for your name, address, general health information, and where you have been in the last 14 days.  A contact tracer will never ask for your Social Security Number, Credit Card number, bank account, or ask for any payment.  Also, a contact tracer will never send you a text or email with a document for download.
  • Fraudulent unemployment claims – criminals may file for unemployment benefits under your name.  If you receive any communication from an unemployment office that your claim has been processed and you did not submit it yourself, contact the unemployment office immediately.
  • Fake products – avoid purchasing COVID-19 related products such as personal protective equipment (PPE), medications, herbal remedies, air filtration, or other related products that you see advertised via email or websites.  Always consult with a health professional for the latest guidance and verified products.
  • Fundraising scams – beware of solicitations for fundraising related to COVID-19 relief.  Even if you get an advertisement or an email that appears to be from a known charity, you should check the official organization’s website to ensure that they are raising money legitimately.  Also, beware of individual pleas for financial assistance, such as those found on Go Fund Me

If you ever see an advertisement or get an email and you are unsure of it’s legitimacy, send it along!  Email the link or forward the original email to catchoftheday@vassar.edu If you get a suspicious phone call, you may report it to the same email address.  If it is urgent, please contact the Service Desk at 845-437-7221

Stay vigilant!  Stay safe!  And most importantly, don’t get hooked.

Helpful links:

Pharmacy Scam related to COVID-19

Fraud

A community member reported a new scam by telephone.  The caller claimed they were from a pharmacy, and in partnership with Aetna, would provide over the counter medications mailed to their home for free.  The caller had the individual’s name, address, and date of birth.

Cyberattackers will take advantage of any opportunity to scam people in order to steal money.  With the current public health emergency, there will be an increase in telephone, email, and website scams.  Please be hyper-vigilant when answering calls, responding to emails, and clicking on links, especially from social media.

Here are some tips for spotting a phone scam:

  • Ask what company the person is calling from
  • If possible, put the person on hold and look up the phone number they are calling  from on your computer
  • If it’s a known company, offer to call them back on their verified number
  • Any caller who asks for restricted information such as social security number, credit card number, family member’s names, personal address, or home phone is suspect

In this case the person who received the call offered to contact Aetna to verify that this was a valid offer.  At that point the caller hung up the phone.

Please always report suspicious emails, phone calls, and even websites to catchoftheday@vassar.edu

Thank you all for your diligence and continued reporting!