What is a phishing message?
A phishing email attempts to steal your confidential information by directing you to a false website where you are asked to update personal information, such as a password. Please be aware that there are several of these phishing emails circulating within the Duquesne community that contain links to false sites that will ask you to enter your MultiPass Credentials. Beware: replying to these messages will ALWAYS result in your password being stolen.
Warning: A recent email scam has been reported where the culprit sends the victim an email containing their own password obtained from a previous breach the culprit then claims to have a compromising video then demands money to prevent publication.
Sextortion email example:
I am aware XXXXXXX is your password. Lets get right to purpose. None has compensated me to investigate about you.
You may not know me and you're probably thinking why you are getting this email? Let me tell you, I installed a software on the adult video clips (porno) website and guess what, you visited this website to experience fun (you know what I mean). While you were watching video clips, your browser initiated functioning as a Remote Desktop with a key logger which provided me access to your display screen and also cam. Right after that, my software program gathered your complete contacts from your Messenger, Facebook, as well as e-mailaccount. After that I created a double-screen video. 1st part shows the video you were viewing (you've got a good taste rofl), and 2nd part shows the recording of your cam, yea it is you. You got not one but two possibilities. Shall we look at these possibilities in particulars: 1st choice is to dismiss this e-mail. In such a case, I will send out your very own video recording to just about all of your contacts and think regarding the embarrassment you will get. Not to forget if you happen to be in a romance, how this will affect? Second alternative would be to pay me $7000.
We are going to think of it as a donation. As a consequence, I most certainly will straight away remove your video recording. You can continue on with daily life like this never happened and you surely will never hear back again from me. You'll make the payment by Bitcoin (if you do not know this, search "how to buy bitcoin" in Google). BTC Address to send to: 14CZ5WcUqLm43ChwK37AEmYm4Y1hA77u6y [CASE-sensitive so copy and paste it] In case you are making plans for going to the cops, well, this email can not be traced back to me. I have covered my moves. I am also not attempting to demand a lot, I simply prefer to be paid for. I have a specific pixel within this e mail, and right now I know that you have read this email. You have one day in order to pay. If I don't get the BitCoins, I will definately send your video recording to all of your contacts including relatives, colleagues, and so forth. Nevertheless, if I receive the payment, I will destroy the video right away. If you want evidence, reply Yeah & I will send out your video recording to your 12 friends. It's a nonnegotiable offer, and so do not waste my time and yours by replying to this mail
Warning: A recent email scam has been reported where the culprit sends the victim an email offering a work from home job position. After a few emails back and fourth they may send you a check but request that part of the cash be sent back. The "company's" check will eventually bounce but the victims will go through, they will take the money and end communication.
Job offer email example:
[Company Name] company was established in 20XX by an international team of financial and marketing experts. We specialize in delivering positive business results through solving currency exchange problem as well as online payments and transactions, their tools being innovative solutions, high performance and e-commerce optimization techniques. We offer a "work at home" part-time position "Regional Manager". This includes processing payments between our partners' clients and our company, ensure all personal data relating to customers is maintained, accurate and kept discreet, identifying opportunities to improve service delivery.
Position Type: Permanent. Working hours: 9:00 AM - 1:00 PM weekdays. Variable overtime is also required Occupation Type: part-time (1-5 hours a day occupation). Salary: $40 per hour. Professional qualities and skills: Scrupulous and diligent; Computer literate; Good organizational and administrative skills; Payment procedures prior experience would be an asset; Ability to work independently.
Please REPLY to this email to receive further information and application forms.
Recent Phishing Emails
Subject: IT HELPDESK
Sent: Friday, June 08, 2018 7:53 AM
Subject: IT Helpdesk
Dear Duquesne University Email Account Users
Your email account has been temporarily disabled by the System Mail Administrator due to some unusual activities in your email account as some information has not been verified, to activate your account click on the below link
Subject: Fw: JOB OPPORTUNITY!! JOB OPPORTUNITY!!!
From: michael richie <email@example.com>
Sent: Saturday, March 24, 2018 5:10 AM
To: Subject: JOB OPPORTUNITY!! JOB OPPORTUNITY!!!
Date: March 15, 2018 at 3:07:17 PM EDT
Hello I have a job for you. Looking for an Administrative Assistant to work. Are you available for a personal assistant job offer? This job is flexible so you can do it wherever you are available. I don't mind you doing all of the tasks during your spare time outside of work or school. If you are interested get back to me ASAP? So simple and flexible. Feel free to email me here. Let me know if you're interested. Hope to read back from you soon Regards
What to do if you have responded to a phishing message:
Check "Recently Received Phishing Messages" (listed below).
If you see the message you received listed below, please delete it.
If you do NOT see the message you received listed below, please forward it to firstname.lastname@example.org and email@example.com and then and delete it.
If you have replied to a phishing message or have accidentally logged into a phishing site with your MultiPass credentials, please run an anti-malware scan on your computer and reset your MultiPass password and secret questions immediately.
Check your forwards and inbox rules for suspicious settings.
Tips for identifying phishing messages: