The University Information Security Office (UISO) has identified a recent substantial increase in phishing attempts for students. Starting on October 19, students began receiving two phishing emails disguised as a means to make easy money with the intent of stealing personal information including name, address, cell phone number and passwords.
The first email contains the following text:
“University Job Placement & Student Services has selected you for a retail evaluation survey. You will be paid 1000(USD) WEEKLY. Details is to shop as a customer at stores & provide feedback report on your experience. Part Time, Fun and Flexible Timing”
The second email has this text:
“Our records indicate that your Office-365 has two different logins with two universities portals. Kindly indicate the two info logins as soon as possible. To avoid termination within 48hrs and to prevent loss of all emails associated with your account, we expect you to strictly adhere and address it.”
In both cases, the link in the message takes you to a Google Forms page where it requests personal information.
How does it impact me?
Scammers use this method to take over accounts and use them to send more phishing email or in some cases where banking information is requested, steal money if the user provides their password. Once the password is supplied, the scammer uses a technique called “MFA Fatigue” to send multiple push notices via multi-factor authentication to the user in the hopes that they will get tired of seeing them and push “Accept”. Once this happens, the scammer is in.
What am I being asked to do?
Please be extremely cautious when viewing emails and clicking on links or attachments. If you receive an email that you did not expect, advertising getting paid for what seems to be not much work, or an email informing you of a problem with your account, you should report the email to the ITS Service Desk at 773.508.4487 or via email at ITS Service Desk ITSServiceDesk@LUC.edu. After you report the email, you can safely delete it.
If you have already responded to the email and provided information, especially your password, you will most likely get an “Approve Sign-in?” notification from Microsoft Authenticator at a time that you do not expect. If you get an unexpected approval notification, DO NOT ACCEPT IT! Although annoying, scammers are always looking for a quick response and they will eventually stop. Also, if you did provide your password, you need to go to password self service and change it immediately. Microsoft Self Service Password Reset: Information Technology Services: Loyola University Chicago (luc.edu)
Phinn, our phishing mascot, provides some great tips for keeping safe online. They can be found on the ITS awareness page Awareness: Information Technology Services: Loyola University Chicago (luc.edu)
If you have questions or need additional information:
Contact the ITS service desk at (773) 508 4487.