Emily Shepherd
Contributing Writer
Over the last few weeks, employees and students have received emails containing fake job offers that vary in the actions requested, the information asked for, the content and the sender.
But one thing remains the same: it’s a scam.
In the fake emails, the sender directs the reader to click a Read More button, a link or to respond to the email.
Taylor West, junior journalism major, said she’d received at least four of the scam emails. After receiving multiple emails, West clicked on the link out of curiosity.
“I didn’t know why I kept getting those emails and [the email links] led to nothing,” West said. “There was no information. I wish I wrote down the company, because I looked up one of the companies and they didn’t exist.”
An email was sent out to students, faculty and staff by campus administration after numerous people on campus received these fake emails. According to the email, scammers constantly change their tactics, making it difficult to prevent the emails from being delivered to Murray State employees’ and students’ email inboxes.
To combat scammers, Murray State’s security team has worked with Google to implement tools to either block these types of emails or to flag the subject lines of the emails to alert the receiver the emails are likely scams.
According to Murray State’s TeamDynamix page, you should ask some critical questions to avoid scams: is someone asking me for my bank account number, other personal financial information or passwords? Be wary of emails asking for this information, even if the sender offers to deposit money into your account. Students, faculty and staff should also be suspicious of phrases like “verify your account” and “click the link below to gain access to your account.”
When deciding whether an email you have received is a scam or not, look at the content. Does the website link look valid? Make verifying web addresses a habit. Even if a link looks valid and displays the correct web address, it could take you someplace completely different. Don’t ever click on a website link or an image without verifying the link is legitimate–you could be redirected to an attacker’s website. Rest, but do not click, the mouse pointer on the link to verify the real web address. Scammers will often alter their web addresses to resemble the name of a well-known company.
According to the TeamDynamix page, to prevent computer virus outbreaks and spam, avoid phishing attacks by managing your inbox, composing professional messages, writing effective subject lines, properly using CC and BCC and being smart about handling attachments.
“There should be some type of tracking we can do to figure out where these are coming from because there isn’t always going to be that student like me that wouldn’t give out their information or anything that could jeopardize their future,” West said.
Email is not a secure way to share sensitive information. Businesses should not ask you to send passwords, login names, Social Security Numbers or other personal information through email. Be advised that Information Systems will never request your password.
Use Google’s Report Spam button at the top of the screen to help Google’s email screening process.
“If you’re still interested in it, check with your peers, check with your advisor or any teacher because most likely they’re going to know what internships are going to be available in your field,” West said. “Do your research.”
You can report a phishing email through the Service Catalog. To report the email phishing scam, forward the email to [email protected] and [email protected] to let Murray State’s Information Systems Security team know about the email.