There is a new phishing email that promises $500.00 a week to work part time for UNICEF. Several university email accounts were compromised in a prior attack and the scammers are using these accounts to conduct this attack. Notice that they request that you use your personal email address. Once the victim responds, the scammer asks for your banking information so they can “pay” you via direct deposit. They instead steal money, sometimes thousands, from your bank account. A copy of the phish can be seen below.
Some commonsense tips when you see these types of phishing emails.
If it’s too good to be true it probably is.
All of these types of emails follow the same pattern. 1. Good pay for little work, 2. Respond using your non-Loyola email or text, and 3. The email generally comes from a compromised LUC account.
Information Technology Services regularly monitors for phishing attacks and will scramble the password of an account that is compromised. If you fall for a phish and provide your password, you will most likely get a multi factor authentication request from your Microsoft Authenticator app that you do not expect. If you receive an MFA request that you do not expect, do not press Accept. Go to Loyola’s self-service password reset and change your password immediately.
From: [REDACTED]Sent: Saturday, October 29, 2022 3:21:13 PM
Subject: Unicef Employment
I am sharing job opportunity information to employees who might be interested in a paid UNICEF Part-Time job with a weekly pay of $500 .
Kindly contact Declan Campbell with your personal email address I.e. Gmail, Yahoo, Hotmail, icloud etc.) For more details on the job view attached.
Take note: Do not directly reply to this email and if interested contact Mr Declan Campbell via (dc853241@gmail.com)
Sincerely,
Student Job Board