Over the weekend, several people were targeting by phishing emails from scammers purporting to be the Dean of the College of ACES. You can see an example of one email chain below.
Tips on spotting a scammer operating like this:
1. Check the sender’s email address – if it isn’t from their @illinois.edu address, write to them directly (i.e. a new message) and ask if they sent the message
2. Grammar and typos. Yes, even Deans and Department Heads make mistakes, but if there are several, and/or the “voice” of the email seems off to you, even if the email is from an @illinois.edu address, contact the sender directly (i.e. a new email) and ask if the message came from them.
3. Check this website for examples of similar messages, like this one. It’s possible a campaign has already been circulated, even though this is your first time receiving one of the emails.
4. When in doubt, and especially if you’ve clicked a link or opened a suspicious attachment, contact your IT support team! We’re always happy to help.
Example of impersonation scam from this weekend (click for larger version):
We have received reports of phishing attempts impersonating Deans, Departments Heads, and Faculty. An example is below.
The common elements appear to be Gmail accounts and requests for personal phone numbers.
If you receive one of these message, please DO NOT share your information, and send the email as an attachment to email@example.com. IT Security will report the fraudulent account to Google.