Two new phishing emails were received today by several users. They are related to the coronavirus and unusual sign-in activity. Please be aware that these are both phishing emails and should not be opened, and you should never click on a link contained within the email. Here is how to tell that these emails are fake:
Message subject: [External] Ellucian account unusual sign-in activity. The subject is tagged as [EXTERNAL], while the email address appears to come from technical support at Elms. Further inspection of the email address reveals that the domain name is misspelled (ellms.edu).
Message subject: Coronavirus safety measures. The message appears to have originated from a legitimate elms.edu email address. One clue that the message is not from an Elms employee is that the display name, reedd, is not a full name. All Elms College email addresses should display the user's full name. Dr. Reed also lists his credentials from an advisory board not affiliated with the College. The email contains limited information in the body and instructs users to click on a link to an external site. The link in this email points to an unknown site (see below), which can be viewed by hovering your cursor over the link.
Recently, there has been a significant increase in phishing attempts through the Elms College email system. Phishing is a type of fraudulent email attack used to try to obtain a user’s personal data, login credentials, credit card numbers, bank account numbers, etc. by posing as a trusted individual or colleague. One way a hacker does this is by sending out emails from a spoofed (fake) account. The sender’s fake email may be similar to an Elms email address or it may appear to be from someone you know and trust. A person may mistakenly open a spoofed email without thinking twice.
As a reference, Elms email addresses end in either: @student.elms.edu or @elms.edu. For example, if an email was sent from elmscollege@gmail.com then you know that this is not a trustworthy email. A fake email may also come from an external account, such as Gmail or Yahoo, but the display name has been changed to that of someone you know at the College. See examples below.
One way that you can protect yourself from phishing attempts and fake email is to look closely at the email address. If you are unsure about an email, contact the person directly to verify they actually sent the email. In addition, never click on links or attachments that you did not expect to receive or that appear suspicious. They may contain malicious software that could be very harmful.
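For IT staff who want to automate the address check described above, the following Python sketch sorts a From header into the cases this notice covers. It is an added example, not a tool used by the College; the category names, the edit-distance threshold of 2 and the "elms" keyword test are assumptions made for illustration, and the sample headers are constructed.

```python
from email.utils import parseaddr

# Domains this notice lists as genuine Elms addresses.
TRUSTED_DOMAINS = {"elms.edu", "student.elms.edu"}


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to catch near-miss spellings of a trusted domain."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_sender(from_header: str) -> str:
    """Classify a From header by its address domain and display name."""
    display_name, address = parseaddr(from_header)
    if address.count("@") != 1:
        return "malformed"
    local, domain = address.lower().split("@")
    domain = domain.rstrip(".")
    if domain in TRUSTED_DOMAINS:
        # Only the domain matches. A From header can be forged, so the other
        # clues in this notice (display name, link target) still apply.
        return "trusted-domain"
    # Misspelled domain such as ellms.edu (assumed threshold: up to 2 edits).
    if any(edit_distance(domain, t) <= 2 for t in TRUSTED_DOMAINS):
        return "lookalike-domain"
    # Outside account that borrows the college name, such as elmscollege@gmail.com
    # (simplified heuristic: the string "elms" in the local part or display name).
    if "elms" in local or "elms" in display_name.lower():
        return "external-impersonation"
    return "external"


if __name__ == "__main__":
    # Constructed sample headers based on the cases in this notice.
    for header in ("Technical Support <support@ellms.edu>",
                   "elmscollege@gmail.com",
                   '"Elms College IT" <helpdesk@yahoo.com>',
                   "Jane Doe <jdoe@student.elms.edu>"):
        print(f"{classify_sender(header):24} {header}")
```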
You can also check the email sender information to examine the email address. To view this information, click on the arrow to the right of the "to" section under the sender name, then expand the section to show details as shown in the example below.
Scammers use email or text messages to trick you into giving them your personal information. They may try to steal your passwords, account numbers, or Social Security numbers. If they get that information, they could gain access to your email, bank, or other accounts. Scammers launch thousands of phishing attacks like these every day — and they’re often successful.
-FEDERAL TRADE COMMISSION, Consumer Information
Additional Resources:
https://www.consumer.ftc.gov/articles/how-recognize-and-avoid-phishing-scams
https://staysafeonline.org/blog/5-ways-spot-phishing-emails/
If you’ve received a ‘suspicious sign in prevented’ email from Google, it means we recently blocked an attempt to access your account because we weren’t sure it was really you. To help protect your account, we send you an email when we notice unusual sign-in activity, like an attempt to sign in from a different location or device than normal.
Unfortunately, sometimes hackers try to copy the “suspicious sign in prevented” email to steal other people’s account information. Always be wary of messages that ask for personal information like usernames, passwords, or other identification information, or send you to unfamiliar websites asking for this information.
To be safe, if you get an email from Google notifying you about suspicious activity, follow the directions below to check for suspicious account activity and change your password if you notice anything unfamiliar.
If you’ve received this email, we recommend you review your recent activity:
Go to your My Activity page.
You may be asked to sign in to your account.
Review your recent activity and look for unfamiliar locations or devices. You can also click on any event in the list to see more details about it on the right.
If you see activity you don’t recognize, change your password immediately and notify the IT Service Desk.