Email scams increasing: What to look out for and how to protect yourself
The KU IT Security Office (ITSO) has seen an increase in two types of email scams:
- Attackers impersonating a KU VIP (dean, department chair, etc.) will email an employee in a position to make purchases on behalf of a KU department and ask the employee to buy gift cards to give as thank-yous, rewards or reimbursements to other employees, vendors, etc.
- “Sextortion” scam messages, in which the attacker threatens the recipient, claiming to have video, captured via the victim’s web camera, of the victim visiting a pornography site. The attacker demands that a ransom be paid in Bitcoin.
In most cases, scammers will have done significant research, and they often troll LinkedIn and similar sites for the information they need to make their message look more authentic.
What to do if you receive a suspicious email
Your first step should be to forward the suspicious message to firstname.lastname@example.org. If you receive a request for gift cards from someone claiming to be your supervisor, contact their office using a known, good phone number and do not respond to the email.
While the extortion emails seem urgent and may even contain a password you used at some point in the past, they are not legitimate. Forward them to email@example.com and do not respond. If you believe you are in immediate danger, contact the KU Public Safety Office at 785-864-5900 or by dialing 911.
The scams above are just two examples of hundreds of different scams and phishing attacks. That’s why it is so important for you to be vigilant in recognizing malicious emails and taking action to protect yourself.
Common characteristics of malicious emails:
- The sender email address is from an unfamiliar domain (e.g., @foxmail.com).
- The sender email address and/or name in the header does not match the signature block.
- The sender email address mentions a known company even though the domain is unfamiliar (e.g., firstname.lastname@example.org).
- The email begins with a generic greeting: “Hello Bank Customer.”
- The attacker employs a threatening, desperate or far-too-friendly tone.
- The email contains familiar logos that are somehow off (e.g., pixelated, stretched, squashed or otherwise improperly rendered).
Ways to protect yourself:
- Forward suspicious emails sent to your KU account to email@example.com.
- Never click any link or logo/image in an email you feel is suspicious.
- Employ multi-factor authentication for an added layer of security. You can read more at https://duo.ku.edu.
- Always employ complex individual passwords for every site you regularly visit. Store these in a password manager.
- Always lock your computer or phone when you step away from it.
- Ensure the sites you visit employ secure HTTP technology (their URLs begin with https://).
For general information about these attacks and other potential threats, please call the IT Security Office at 785-864-9003 or email them at firstname.lastname@example.org.