Educause Security Discussion mailing list archives

Re: Student phishing, "internship" opportunities, etc.

From: "Scantlin, Aaron J." <ScantlinA () MISSOURI EDU>
Date: Mon, 30 Jul 2018 17:02:50 +0000

We've experienced this from time to time... very rarely do they try and impersonate a University official on such a 
large scale, but it's not unheard of.

In addition to what you've already done, it might also be a good time to remind your users what some best practices for 
ensuring an e-mail isn't a phish:

  -Verify that the sending e-mail address is indeed from your organization
    -To that end, setup SPF and DKIM to help protect your users from spoofing
  -Legitimate University of Arizona e-mails will not ask you to send PII via unencrypted channels [hopefully! :)]
  -If something sounds too good to be true, there's a fair chance that it is too good to be true

You might not be able to use all of that depending on your campus' political climate, but coupling technical controls 
with more aggressive awareness seems like a good way to attack this problem.

Aaron J. Scantlin
Security Analyst, Division of IT
GSEC, GCFA
University of Missouri, Columbia
(W) +1-573-884-7555
(C)   +1-573-424-0539
scantlina () missouri edu<mailto:scantlina () missouri edu>

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Banks, 
Teresa E - (tbanks)
Sent: Monday, July 30, 2018 11:56 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Student phishing, "internship" opportunities, etc.

Hi everyone,

Our students have been getting pummeled with emails offering them "internship opportunities" or "jobs" that appear to 
be sent from a faculty member, but turn out to be fraudulent (see sample at 
https://security.arizona.edu/phishing-alert/72618-internship-opportunity).

Are other universities experiencing this?  If so, what is the approach (beyond posting the phish as an alert) to help 
students understand that they are targets for fraud?

We want to take a strategic approach to helping our students, and thought we would see if the community had any good 
advice.

Thanks in advance,
Teresa E. Banks
Manager, Information Security
Information Security Office
The University of Arizona
Office:  520.621.8476
Cell:  520.909.6057
Email:  tbanks () email arizona edu<mailto:tbanks () email arizona edu>
security.arizona.edu

[UA-InfoSec-Primary-Email-resized]

This email and any attachments thereto may contain private, confidential, and/or privileged material for the sole use 
of the intended recipient. Any review, copying, or distribution of this email (or any attachments thereto) by others is 
strictly prohibited. If you are not the intended recipient, please contact the sender immediately and permanently 
delete the original and any copies of this email and any attachments thereto.

Current thread:

Student phishing, "internship" opportunities, etc. Banks, Teresa E - (tbanks) (Jul 30)
- Re: Student phishing, "internship" opportunities, etc. Scantlin, Aaron J. (Jul 30)
- Re: Student phishing, "internship" opportunities, etc. John Ruggirello (Jul 30)
- Re: Student phishing, "internship" opportunities, etc. Andrea Tanner (Jul 31)
  - Re: Student phishing, "internship" opportunities, etc. Banks, Teresa E - (tbanks) (Jul 31)