Archive | Uncategorized RSS feed for this section

PSA: Payroll Scams

The information Security office has received reports of a payroll/ payday scam going around the university. The scammer’s are using phone calls and text messages to carry out the scam. Please be aware of these scams and report any suspicious phone calls or texts to VCU information Security.

The scammer will reach out to the victim and claim that payroll cannot be completed unless the victim can come up with some money. The scammers will ask that the victim wire over the money so that they can complete payroll. The scammer will use supervisor’s / manager’s names in the scam to appear more authentic. The scammer will also use spoofed numbers from around the area to appear more authentic.

Please note that your company will NEVER ask a employee to shell out some money to complete payroll. If you are unsure about a scam, contact your supervisor directly or report the incident to infosec@vcu.edu where we can investigate.

Comments Off on PSA: Payroll Scams

PSA: Fake Job Offer Scams

The Information Security Office has received several reports of fake job offer scams being sent to VCU.

This is a scam in which the scammer is posing as a company or someone who is offering a job. The scammer will offer the victim a job. The job will usually be about an assistant or a purchasing officer. The scammer will send the victim a check, the check will have the victim’s “paycheck” and more to pay a vendor.

Usually, the victim will deposit the check and send money to the vendor. After the bank does an audit on the check, usually 1-2 weeks, the bank will find that the check is fraudulent. The check will bounce and the money will be removed from the victim’s account, any money sent over to the vendor will still be removed from the victim’s account.

As such, please avoid and report all job offer scams to infosec@vcu.edu.

In order to determine, if one of these job offers is a scam, check the email address, is the email from the company they claim to represent? Does the email address match with whom the person state they are? Check linkedin and google for the person’s name, do they work at the company they claim to represent? Is the job offer too good to be true (is the payment extremely high for amount of work)?

Is the person offering an interview? Please be aware that almost all companies will require an interview in order for employment. Finally, if you are just unsure please send it to infosec@vcu.edu for further inspection.

Comments Off on PSA: Fake Job Offer Scams

Docusign Phish – 6/7/2019

The following phishing email used a fictitious Docusign email in order to lure users to another website where it captured login credentials. The hyperlink to view the document was what gave this phishing scam away.

 


Phishing Docusign Email Example

Comments Off on Docusign Phish – 6/7/2019

Executive Officer of HSBC Investments – Mary Currie, Scam 5/31/2019

The following is a scammer appearing to be ‘Mary Currie’ with HSBC Investments. They have spoofed the email of Mary in order to appear authentic. Their goal is to establish communications in order to receive a financial transaction. This is a scam that should be deleted and ignored.

 


From: Mary Currie <marykcurriea@msn.com>
To: Victim@vcu.edu
Sent: Thursday, May 30, 2019, 6:36:44 AM CDT
Subject: Re: Victim Name
Dear  VCU Victim

Thanks for your response. I am Ms. Mary Kathleen Currie Executive Officer of the Prudential Regulation Authority and also one of the Managing Director at HSBC Investments (UK) Ltd.
 
I am contacting you concerning a deceased customer and an investment he placed with our bank management some years ago. The content of this communication has to be treated with utmost confidentiality, to avoid unnecessary complications.

Please before I proceed further and let you have all the details, I will appreciate if you can confirm your name and last name as well your direct number; this is to ensure that I am dealing with the right person.

Meanwhile Due to what is going on worldwide via the internet, to clear your doubt about me, please check my biography from the below link.

https://www.bloomberg.com/research/stocks/private/person.asp?personId=20610569&privcapId=6489375
 
Let me know if it is okay for us to talk over the phone, You can also contact me on my private line +44 770 031 4338, Add me on the what’s-App preferably. Once you establish your willingness and readiness to work with me, I will be contacting you from my official email address with my signature as well, also with time, I promise to send you my proof of identification.

Please confirm the receipt of this email so I can forward you more details.

I await your swift response.

Best Regards,
Ms. Mary Kathleen Currie

Comments Off on Executive Officer of HSBC Investments – Mary Currie, Scam 5/31/2019

Welcome To Bank Of America Headquarters, Scam 5/20/19

The following is a scam in which the scammer is posing as a bank with some lost compensation, in this case 486.8 million, to be paid to the victim. The victim would just need to provide information to the scammer.

 

This is a fake email and is not a real payment! The email address used is not a bank official email and 486.8 million is an obscene amount of money to pay out to an individual. Sounds too good to be true and it’s not. This is a scam that should be deleted and ignored.

 


From: Brian T. Moynihan [mailto:donsauto@ruraltel.net]
Sent: Monday, May 20, 2019 1:58 PM
To: Victim@vcu.edu
Subject:  Welcome To Bank Of America Headquarters.

 

Welcome To Bank Of America Headquarters.

You total SCAM VICTIMS COMPENSATION FUNDS is waiting

to be credited to you account for online
banking transfer as soon as we hear back from you with

you contact
details, Your cell phone is needed, funds amount: $486.8Million.

Thanks,
E-mail abankof361@gmail.com
Contact:+1(507)3017912
Brian T. Moynihan
CHAIRMAN BANK OF AMERICA HEADQUARTERS

 

 

Comments Off on Welcome To Bank Of America Headquarters, Scam 5/20/19

Fake Money scam, 5/20/19

The following is a scam in which the scammer is posing as a bank official (HSBC in this case) where they are using a variant of, your rich relative, which you didn’t know existed, has passed recently and left a ton of money for you.

This particular scam attempts to legitimize themselves by providing a link to a Bloomberg profile. The scammer offers an alternative way to contact them and says they will provide ID verification once they’ve heard back from the victim.

This is a scam in which the scammer will provide a check, and ask that the victim send some of that money over to another person who needs to be paid. The check is fraudulent and will bounce, but the money that the victim shelled out will still be taken from the account.

Do not fall for this scam! If you have received and email like this please forward it to infosec@vcu.edu and ignore it.
——————————————————————————-
From: Mary Currie [marycurriieo@msn.com]
Date: Mon, May 20, 2019 at 10:10 AM
Subject: Re: Victim’s Name
To: Victim [victim@vcu.edu]

Dear Victim,

Thanks for your response. I am Ms. Mary Kathleen Currie Executive Officer of the Prudential Regulation Authority and also one of the Managing Director at HSBC Investments (UK) Ltd.

I am contacting you concerning a deceased customer and an investment he placed with our bank management some years ago. The content of this communication has to be treated with utmost confidentiality, to avoid unnecessary complications.

Please before I proceed further and let you have all the details, I will appreciate if you can confirm your name and last name as well your direct number; this is to ensure that I am dealing with the right person.

Meanwhile Due to what is going on worldwide via the internet, to clear your doubt about me, please check my biography from the below link.

https://www.bloomberg.com/ [Link Redacted]

Let me know if it is okay for us to talk over the phone, You can also contact me on my private line [Phone # Redacted], Add me on the what’s-App preferably. Once you establish your willingness and readiness to work with me, I will be contacting you from my official email address with my signature as well, also with time, I promise to send you my proof of identification.

Please confirm the receipt of this email so I can forward you more details.

I await your swift response.

Best Regards,
Ms. Mary Kathleen Currie

Comments Off on Fake Money scam, 5/20/19

Copier Toner – Phone Scam

There have been reports about a phone scam in which the scammer is posing as a printer company that has toner for sale. The scammer states that the toner price is rising and they need the victim’s credit card information to lock in the price.

The scammer is attempting to trick the victim to believe that they need to provide credit card information now to lock in the toner price.

Please do not listen to the scammer! If you receive or received a phone call like this please ignore it.

Comments Off on Copier Toner – Phone Scam

What was Jane talking about this morning? Scam 4/17/2019

The following is a scam in which the scammer is hoping to trick the victim into clicking a link. If you see this email please delete it.

———————————————————————————–

From: Mary.D@advanced-tactic.info
Date: Fri, Apr 12, 2019 at 2:40 PM
Subject: What was Jane talking about this morning?
To: victim@vcu.edu

I know you wasn’t at the meeting, but did you see the presentation…

SlideShow

Sharon
Manager – Human Resources
Human Resources Department
Virginia Commonwealth University
@vcu.edu
(o) 804-828-2633
(c) 804-827-2072

Comments Off on What was Jane talking about this morning? Scam 4/17/2019

check for me please, Scam (4/5/2019)

The following is a scam email where the scammer has posed as a technology support officer and ask that the victim click a link and enter their credentials into the site to claim their account. Please be aware that any system changes like this would be heavily communicated from the Technology services team.

If you see this email please ignore and delete it.

 

Comments Off on check for me please, Scam (4/5/2019)

PSA: Phishing Sites and DUO requests

Virginia Tech has been hit with a complex phishing scam. The scammer’s are spoofing the site and then using the stolen credentials to trigger DUO requests. The scammer’s are also using spoofed DUO emails to collect the “2nd factor”.

Never accept DUO requests that you are not expecting. Also please note DUO requests will NEVER come in via email.

If you see a DUO request that you are not expecting please report the incident to infosec@vcu.edu.

You can read more about the Virginia Tech incident here: https://vtnews.vt.edu/notices/it-itso-vtloginphish.html

Comments Off on PSA: Phishing Sites and DUO requests