Phishing Scams

If you have any doubts about the legitimacy of an email, report it to University Information Technology Services (UITS)! Forward it to abuse@kennesaw.edu, or click the "Phish Alert Report" button in Outlook.


Exploiting Dutifulness Example 1

From: Stephen Sprague <montaje@united-events.es>

To: scrappy@kennesaw.edu

Subject: [External] Direct Deposit Update Details
! This message was sent with High Importance.

Message:

Hi Scrappy,

I hope this email finds you well. I wanted to reach out to request a copy of the direct deposit form that I need to fill out before the upcoming payroll is processed.

Thanks,
Stephen Sprague

Director - Audits and Investigations

Stop. Spot. Report.

    1. Suspicious domain name. You see a legitimate-sounding name, yet when you hover over it, you can see the actual email address. Legitimate organizations use their own domain names.
    2. External sender warning inserted in the subject line.
    3. The email is marked with "High Importance," trying to instill a sense of urgency in you.
    4. The mention of payroll alarms recipients; they don't want to jeopardize receiving their paycheck on time.
    5. There is no clear indication of where Stephen Sprague works. "Audits and Investigations" is not a company name.

    1. Stop: Do not reply and don't download any attachments if there are any.
    2. Spot: Note that the email is marked as [External].
    3. Report: Use the Phish Alert button to report the email to UITS. (If it is legitimate, you will be notified that you can safely proceed with any requests.)

 

Exploiting Dutifulness Example 2

From: InterimChairDepartment@gmail.com

To: scrappy@kennesaw.edu

Subject: [EXTERNAL] Quick request

Message:

Kindly send me your available cell number -- 

Interim Chair Department of <Department Name> and Interim Associate Dean for <Department Name>

Stop. Spot. Report.

    1. External sender warning inserted in the subject line.
    2. The sender claims to be an Interim Chair of a Department, yet the email comes from a free Gmail account, not a KSU account.
    3. No personal greeting. Scammers like to be efficient and send the same email to as many people as possible.
    4. A request for your personal phone number may seem simple and benign, but once a cybercriminal has your phone number, they can use it to target you on your phone, and they can gather more personal information through social engineering tactics.
    5. The email does not have a proper signature.

    1. Stop: Do not respond to the email. If you are in doubt, reach out through an official channel and ask the person claiming to have a quick request if they indeed contacted you.
    2. Spot: Take note of the discrepancies.
    3. Report: Use the Phish Alert button to report the email to UITS. (If it is legitimate, you will be notified that you can safely proceed with any requests.)