LITS has observed a recent uptick in phishing activity targeting students, faculty, and staff. We encourage all members of the MHC community to be vigilant and always err on the side of caution. If you suspect you've been targeted by a scammer or phishing attempt, please report it to the Technology Help Desk immediately.
Common phishing schemes right now include:
- Employment scams: Students should be especially suspicious of job postings/offers that seem too good to be true. Scammers advertise jobs exactly where real employers do, including popular websites and the classifieds. They may say they’ve got a job waiting, or guarantee to place you in a job, if you just pay a fee. Legitimate employers and firms DO NOT ask you to pay for the promise of a job. Watch the FTC's video on job scams for more information
- Imposter scams: If someone in authority sends you an email asking “Are you available?” Be careful, it might be a scam. The message appears to be from someone you recognize and trust (like your boss, a Dean, or trusted colleague), but look closely at the email address. Is it the right format or address? These attempts often result in a request for you to buy gift cards. Don’t take the bait.
- Payroll Phish & IRS/Tax scams: Tax season is often a busy time for scammers and phishers. They use this season to try to steal your personal information. The IRS will never email or call you. If a message looks to be from your payroll department, scrutinize it very carefully. If something about the email seems “phishy,” do not respond and do not click on any links or open attachments.
Visit Security and privacy and Phish Bowl fraudulent email alerts for more information about what phishing is, preemptive ways to protect yourself, how to identify fraudulent emails, and what to do if you receive a suspicious message. The Phish Bowl is a record of the latest phishing attempts perpetrated against the MHC community. Check the Phish Bowl to familiarize yourself with what confirmed phishing attempts look like and/or see if others have received the same suspicious email as you.