Indiana University information security staff report that email scammers impersonating IU senior leadership have attempted to acquire sensitive personal data, monetary transfers and unauthorized purchases in recent months.
IU officials urge employees to stay on the lookout for phishing scams such as these and others that are particularly common around April’s tax-filing deadline.
The security news publication Krebs on Security describes a scam targeting CEOs and their human resources staff nationwide. An email purportedly from the CEO asks the human resources director for employee W2 forms, potentially giving the scammers enough information to file false tax claims in the names of these employees. The Wall Street Journal wrote about the same fraud on Sunday, reporting that many corporations had fallen victim to the scam. At IU, the scam was detected before any information was released.
Officials urge caution
Here are a few tips and questions IU employees can ask themselves to avoid being phished:
- Are you expecting an email of this nature (e.g., password reset, account expiration, wire transfer, travel confirmation, etc.)?
- Does the message ask for any personal information (password, credit cards, Social Security Number, etc.)?
- Hover your mouse over the links in the email. Does the hover-text link match what’s in the actual text? Do the actual links look like a site with which you would normally do business?
- Click “Reply.” Does the address in the “To” field match the sender of the message?
- If the message purports to be from an IU email account or device, check the email headers. All messages originating outside the IU Network will include the text external-relay.iu.edu. The presence of this text most likely indicates the message is not coming from a legitimate IU sender.
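The Reply-To, hover-link and header checks from the list above can also be run automatically over a saved message. The following is an added example, not IU's own tooling; the sample message and its addresses are constructed, and treating a From address at iu.edu as "purporting to be from IU" is an assumption.

```python
import email, re
from email.utils import parseaddr
from html.parser import HTMLParser

EXTERNAL_MARKER = "external-relay.iu.edu"  # header text named in the tip above
# Constructed sample message; every address, host and IP below is made up.
SAMPLE = (
    "Received: from external-relay.iu.edu (external-relay.iu.edu [192.0.2.10])\n"
    'From: "Office of the President" <president@iu.edu>\n'
    "Reply-To: exec.office@example.net\n"
    'Content-Type: text/html; charset="utf-8"\n\n'
    '<p>Upload at <a href="http://files.example.net/u">https://www.iu.edu/forms</a></p>\n'
)

class LinkCollector(HTMLParser):  # collects (href, visible text) for each <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host(url):
    m = re.match(r"https?://([^/:\s]+)", url.strip(), re.I)
    return m.group(1).lower() if m else None

def phishing_flags(raw):
    msg, flags = email.message_from_string(raw), []
    sender, reply_to = (parseaddr(msg.get(h, ""))[1].lower() for h in ("From", "Reply-To"))
    if reply_to and reply_to != sender:  # the "click Reply" check
        flags.append("reply-to-mismatch")
    headers = " ".join(str(v) for v in msg.values()).lower()
    # Assumption: a From address at iu.edu is what "purports to be from IU" means.
    if sender.endswith("@iu.edu") and EXTERNAL_MARKER in headers:
        flags.append("iu-sender-via-external-relay")
    links = LinkCollector()
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            links.feed(part.get_payload(decode=True).decode("utf-8", "replace"))
    # The "hover" check: visible text is a URL on a different host than the href.
    if any(host(t) and host(t) != host(h) for h, t in links.links):
        flags.append("link-text-mismatch")
    return flags
```

Calling `phishing_flags(SAMPLE)` returns all three flags for the constructed message; an empty list means none of these three checks fired, not that the message is safe.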
If you’re not sure about the legitimacy of an email message, report it to firstname.lastname@example.org with the full email headers so IU cybersecurity experts can investigate.
This information can also be found on Protect IU.
The University Information Security Office and the University Information Policy Office are part of Public Safety and Institutional Assurance, which falls under the Office of the Executive Vice President for University Academic Affairs and the Office of the Vice President for IT and CIO.