Recently, UMBC users have reported the increased receipt of a specific phishing attack stemming from a particular domain. The phishing email content is as follows:
“From: Guthrie, Melinna <Melinna.Guthrie@stonybrookmedicine.edu>
Date: Fri, May 24, 2019 at 8:48 AM
Subject: EARN MORE /PART TIIME JOB OPPORTUNITY
To:
Customer Impact Services, secret survey company is currently hiring people from all over USA/CANADA to visit local stores as a shopper and test customer service professionalism while you earn commission of $300 flat on each visit which does not take more than an hour.
You will be given funds to visit a store and pretend as a normal customer while you make purchases and take note of the quality of service as well as environment after which you will give a short report or feed back to the company for business development and customer service improvement decisions via email and earn your commission of $300 per visit.Usually, you will have 2 visits in a week and make $600 or more in a week. I am giving assurance over the legitimacy of this company.
Note:
Only local stores are given, no traveling required
You do not have to pay any money to begin, you'll rather be making money from home
No rigorous process in registering and commencement of assignment(s)
1) Shopper take personal satisfaction in watching service levels rise knowing that they played an instrumental part in that improvement.
2) Shopper know the importance of following directions, they read and follow each client's evaluation criteria to the letter.
**To register
[<hxxps://docs[.]google[.]com/forms/d/1wab3UlNppQepch_ApuXxGYyJWIa6mwCrOthbe0nThnI>;]”
This phishing email is a particularly malicious one owing to number of factors; these include the professional format and grammar, the believable content of the email, as well as the presence of apparently legitimate links and source address. The DoIT security group is aware of the phishing scam and is currently investigating the issue.
Due to the fact that the links contained within the email are google docs, we are unable to block or report them to google as malicious content. With that in mind, we ask that if you receive this email, please forward it to security@umbc.edu, and to treat it as a malicious phishing attack. In order to mitigate potential damages, under no circumstances are users encouraged to click on the link or follow any instructions contained within it; upon receipt of the email please delete it immediately. If you have already done so and feel your personal information has been compromised in any way, please contact UMBC Police at (410) 455-5555.
For more information regarding phishing and spam FAQs, please see the
PHISHING/SPAM FAQS section of itsecurity.umbc.edu.
**This link has been altered so that it is unable to be clicked and directed to a malicious website or download any malicious software to your machine.
Posted: May 24, 2019, 1:00 PM