Today the Security team at DoIT received reports of a phishing scam targeted at the Physics Department. We have decided to make this a campus-wide announcement, as hackers could potentially send this email out to students, or other faculty and staff; compromising their safety.
This phishing email content is as follows:
Hello. Are you available?
Please, I need your assistance urgently
Dr. Theodosia Gougousi
Graduate Program Director
Department of Physics
University of Maryland, Baltimore County
There are many characteristics that lend to this email being considered a phishing email; for example, the vague nature of the email content, coupled with the unknown and suspicious sender.
However, the biggest red flag here is the hacker posing as a trusted entity. Here the hacker uses a specific form of phishing known as spear phishing to target specific members of the Physics Department. Hackers often gather information about organizations in order to make their phishing scams more personal and believable. Here, the hacker impersonates the Graduate Program Director in order to target staff within this department with the intention that they’d reveal confidential information.
If you receive this email, please be aware of its malicious nature and do NOT reply to it. Replying to this email could further engage the hacker in hopes that you’ll reveal sensitive information such as your location; which will compromise your safety.
The DoIT security group is fully aware of this phishing email and is currently working on fixing the issue.
If you receive this email or one with related content, please forward it to firstname.lastname@example.org with full headers (directions here: https://wiki.umbc.edu/pages/viewpage.action?pageId=1867970) delete the email immediately. If you feel your information or safety has been violated in any way, you are encouraged to call UMBC Police at (410) 455-5555.
For more information regarding phishing and spam FAQs, please see the
PHISHING/SPAM FAQS section of itsecurity.umbc.edu.