Be aware that scammers are continuing to send emails purporting to be VIPs like Deans and Dept. Heads. See other examples and info in this post:
https://publish.illinois.edu/phishingalerts/?s=impersonat&submit=Search
Here is an example from today, Nov 20, 2020.
Sharing the following from an IT Professional on campus. He has verified with SURS that they do NOT make personal phone calls.
If someone purporting to be SURS calls you and asks about verifying your identity for insurance or asks questions about HIPAA, please hang up.
From: “Campbell, Lance” <ccsp@lists.illinois.edu>
Sent: Tuesday, September 22, 2020 4:06 PM
To: ccsp@lists.illinois.edu
Subject: [CCSP] SURS Scam Notice
I just received a very clever phone call from a person claiming to be from SURS. They said they needed to verify either my insurance or benefits. The caller told me the call was being recorded. For HIPAA compliance he said he needed to ask me some questions to verify my information. He said “Do you know what HIPAA is?”. At this point I said “I don’t think so.” I hung up.
I did check with SURS to see if anyone contacted me. They said we don’t make personal calls. They reached out to other staff within SURS to validate I was not contacted.
I sent this to all of you because many of you support non-technical people. The individuals pulling this scam are very good and very convincing. I also want to stress that they had my personal cell phone number. I do not forward my work number to my cell.
Thanks,
LANCE CAMPBELL
Software Architect
This is an example of a snail-mail phishing scam! If you receive a notice requesting payment for your xxxxxxxxx.illinois.edu website or domain, you do NOT need to pay it. University websites and sub-domains are managed internally.
Below is an example of a fake invoice. You’ll notice that it says it is NOT a bill, but an offer, which acts as legal cover for this kind of fraud.
