Samples of phishing emails targeting SMU
Various kinds of well-crafted emails also known as phishing emails have been reported at SMU with the following email subject lines listed below:
- “Notification”
- “Your mailbox is almost”
- “Final warning”
- “Help desk”
These are four of the most recent phishing email subject lines that were received by members of the SMU community. These emails appear to come from other legitimate users within the SMU community. Users should be aware that the above-mentioned phishing email subject lines are subject to change.
If you had received any of these phishing emails, please do not respond or click on any links. If you have responded to any of these phishing emails or clicked on any of the links, kindly change your password immediately. You can also contact the EIT helpdesk for further assistance on 902-496-8111 or helpdesk@smu.ca
There have been reports of a particular kind of phishing email is being received by members of the university community.
See a typical example below:
Example 1
iTune Gift Card Scam
In recent weeks there have been a number of iTunes Gift Card scams circulating via email. In these email scams, the fraudster pretends to be someone that you know, usually someone in a position of authority.
The messages usually appear as an urgent request for your help. The sender will indicate that they are unable to call or receive calls and request that you purchase a number of iTunes gift cards on their behalf promising reimbursement. You will be asked to purchase the gift cards, scratch off the label on the back of the card to reveal the hidden security code, and then email pictures of the cards.
With this information, the fraudster can claim the value of those cards and you will be unable to reclaim the money.
Email Sample
From: Jane Doe <janedoe@xxx.xxx>
Sent: Monday, September 17, 2018 6:05 PM
To: firstname.lastname@smu.ca
Subject: iTunes gift card
I am tied up right now; please I need you get me iTunes gift card from the stores (4 pieces, $100 each.) Scratched it all and take a picture which clearly shows the codes and value of the cards, and send the photos to me here.
I will reimburse you when am through. Also, I would have called, but can't receive or call at the moment.
Regards,
Example 2
From: Jason Borne
Sent: November-29-17 8:28 AM
To: Firstname Lastname <firstname.lastname@smu.ca>
Subject: Notification
This is to notify all Students, Staffs in Saint Mary's University that we are validating active accounts. Kindly confirm that your account (firstname.lastname@smu.ca) is still in use by clicking the validation link below:
Validate Email Account
Sincerely
IT Help Desk
Saint Mary's University.
Example 3
From: Jane Dash
Sent: September-15-17 11:57 AM
To: firstname.lastname < firstname.lastname@smu.ca>
Subject: Validating.......< firstname.lastname@smu.ca>
This is to notify all users that we are validating active accounts.
Kindly confirm that your account is still in use by clicking the validation link below:
emailvalidate..office
Was this helpful? Send feedback to Microsoft
Example 4
From: John Doe
Sent: August 2, 2017 2:44 PM
To: John Doe
Subject: Outlook update.
All Staff and Students are expected to migrate to the New 2017 Microsoft Outlook Web portal to access the below, click here to migrate:
- Access the new staff directory
- Access your pay slips and P60s
- Update your ID photo
- E-mail and Calendar Flexibility
- Connect mobile number to e-mail for voice mail
Important notice: All staffs and students are expected to migrate within 24 hours to avoid delay on mail delivery.
On behalf of IT Support. This is a group email account and it’s been monitored 24/7, therefore, please do not ignore this notification, because it’s very compulsory.
Sincerely.
Admin Team.
**Note: This type of phishing email has a link in it with the aim of getting users into clicking on the link embedded in “click here”. It also communicates a sense of urgency to users to act immediately.
Remember, if uncertain about any email that appears to come from IT, kindly reach out to ITSS Help Desk on 902-496-8111 or helpdesk@smu.ca to verify.
Example 5
From: Michael Luce [mailto:laura@d78mkaysgebdbda.com ]
Sent: January-25- 2017 10:58 AM
To: first.lastname@smu.ca
Subject: New Invoice #2416-21
This email is being sent in order to inform you that a new invoice has been generated for your account.
Your Account Login: firstname.lastname@smu.ca
Your Account Password: mauler783
Please see the file that is attached.
The file is password protected to protect your information.
The password is 123456
Thank you.
Michael Luce
firstname.lastname-inv.zip
**Note: This aim of this type of email is to get you attention and trick you to open the attachment which eventually in most cases infect your device and compromise your account.
This section provides the Saint Mary’s community with information on how to protect your information when using browsers, mobile devices, Java applications and the Windows operating system.
For more information on phishing and information security, view the Protect Your Information page, and other pages in this section.
Be informed
Want tips on creating passwords that work, and other great ideas on how to secure your information? Check out the SANS Institute’s comprehensive Security Awareness Tip of the Day site.