ESU Phishing Alerts
Reported ESU Phishing Attacks
These are phishing attacks that occurred within ESU cyberspace. Please take note and take precautions. If you believe you have been attacked by receiving an email, text or social media message from ESU, please forward it to the ESU Phishing Team.
Go To myesu.esu.edu To Release Inbox Messages
Reported: May 7, 2024
What: Request to release messages from your myesu.esu.edu account.
Type: Phishing done via Email
Problem: Attempt to get the recipient to click a link to get important messages from the myesu.esu.edu server.
Severity: High
Scenario: A mass email is sent to several users. The message reads as an attempt to provoke users to click a link to send messages from their myesu.esu.edu account to their inbox.
Do Not Click the Links or Respond to the Email
What To Check: Messages sent to your myesu.esu.edu account will remain on the account. There is not a process to have a person manually forward emails.
Also, the sending address is not an ESU email address. Emails sent from ESU will end with the domain esu.edu, so this message was not sent from the university, and it was not sent on behalf of the university.
Resolution: Please do not respond to this email or click any links it contains. Forward a copy of the email to the ESU Phishing Team. Report this as a phishing attack.
[ESU:IT Information Security Advisory] 2FA Authentication
Reported: March 30, 2024
What: University support sending out QR code for added security
Type: Phishing done via Email
Problem: Attempt to get the viewer to scan a QR code for 2-Factor Authentication for "security" purposes.
Severity: High
Scenario: A mass email is sent to several users. The message reads as if it is from university online support. The email points out a security concern and in an "attempt" to be proactive, they request that you update your 2-factor authentication by scanning the QR code provided and putting in your information on the page that it sends you to.
Do not scan the QR Code
What To Check: The first thing to look at is the email address of the sender. It is not an official ESU email address or email group. The message refers to the university as "Eastern" Stroudsburg University. In the event you have scanned the QR code, pay attention to the page it sends you to. This QR code has taken the viewer to a WIX page that asks them to log in with their information. This is not an ESU page or an ESU-affiliated page.
Resolution: Please do not respond to this email nor scan the QR code. Forward a copy of the email to the ESU Phishing Team. Ask them for their help.
Academic Assessment Review Reports for All Staff 2024
Reported: March 28, 2024
What: President sharing OneDrive file
Type: Phishing done via Email
Problem: Attempt to share a file from the President of the school
Severity: High
Scenario: A request arrives from the President of the school sharing a file. The file states it is an assessment of the academic staff. The email requests that the user review the file.
Do not open the attachment or click the link
What To Check: The scam does not identify the President by name, nor does it name our university. The email is from an unknown user.
Resolution: Please do not respond to this email nor open the link or attachment. Forward a copy of the email to the ESU Phishing Team. Ask them for their help.
Opportunity From One Of Our Staff
Reported: November 21, 2023
What: Bereavement request from ESU Official
Type: Phishing done via Email
Problem: An email sincerely disguised as a request for help after the passing of an ESU faculty member's parent.
Severity: High
Scenario: A very sincerely worded email is sent on behalf of President Long. It requests your help with a professor's parent passing. The email asks if the reader wants the tool set owned by the parent, or another item, to be sent to them. The reader is asked to send their personal email address for a quicker response.
Do not respond nor send any personal or business information
What To Check: Check to see if the situation did happen. Check to see if the email is sent from an ESU-issued email account. (Emails from @esu.edu are ESU employee emails. There are a few exceptions.) Only official ESU emails are sent from ESU email addresses. Don't share personal information. By rule, personal information should not be sent in response to an ESU email. If personal information is needed, you can ask the sender if this is true.
Resolution: Please do not respond with your personal email account or other personal information. Forward a copy of the email to the ESU Phishing Team. Ask them for their help.
Older Phishing Alerts
- Geek Squad Scam
Reported: November 11, 2023
What: An invoice or receipt from Best Buy/Geek Squad
Type: Phishing done via Email
Problem: A malicious attack disguised as an invoice or receipt from Best Buy.
Severity: High
Scenario: An email is sent to remind the owner that payment has been made or payment is due (invoice or receipt). The owner is asked to call the toll free number to request a refund. The email uses an authentic Geek Squad logo and styling. Due to the look of the email, users may want to call to verify the email.
Do not respond, call or open any links and attachments.
What To Check: Are you expecting a receipt or invoice from Geek Squad? If you don't use your ESU email for purchases, then you shouldn't expect this email. If you are expecting receipts or charges, verify through BestBuy.com that the information is correct.
Resolution: Please do not call to verify any information in response to the email. Check with BestBuy.com if you think it's a valid email. If not, forward the email to the ESU Phishing Team, and get their help.
- Hanif Hall Shared a File With You -- October 24, 2023
Reported: October 24, 2023
What: Phishing attack asking to download a file from President Long
Type: Phishing done via Email
Problem: Could be a virus or other malicious item attached to the email or the links in the email.
Severity: High
Scenario: An email is sent with urgency on behalf of President Long. It asks that you open the file being shared with you.
Do not respond or open the links and attachments.
What To Check: The email is from a non-ESU source. High-ranking officials would not ask outsiders to send on their behalf. Unless you are told to expect this email, assume it's a fraud.
Resolution: Please do not text any information in response to the email. Forward the email to the ESU Phishing Team, and get their help.
- Cellphone Request From Manager -- April 28, 2023
Reported: April 28, 2023
What: Phishing attack seeking a worker's personal cellphone number
Type: Phishing done via Email
Problem: An email, assumed to be sent from an ESU employee or manager, asking for a co-worker's personal cellphone number.
Severity: High
Scenario: An email is sent from a manager or supervisor to their employee asking for their personal cellphone number. The message is short, asking if they are available and what is the best cellphone number to text them.
Do not respond with personal, private or ESU information!
What To Check: The email is very convincing, using the correct ESU director's name and title. But several parts are amiss. First, it is sent from a non-ESU (esu.edu) issued email address. If they were emailing you internally, you would not see the message "originated outside ESU". Next, there is no subject to the message. Also, the message was flagged in the ESU Junk Mail system. Finally, there is no personal greeting or a more secure way of relaying the information, such as handing the information over in person.
Resolution: Please do not text any information in response to the email. Forward the email to the ESU Phishing Team, and get their help.
- RA Needed Urgently: Job Offer -- April 10, 2023
Reported: April 10, 2023
What: Phishing attack seeking workers # 1
Type: Phishing done via Email
Problem: An email, assumed to be sent from an ESU Professor offering employment as a Student Research Assistant.
Severity: High
Scenario: The email is sent as an urgent, limited job offer from a person seeking a Student Research Assistant. The job is being offered as a paid remote internship. The email requests that the student text the "professor" their full name, email, department and year of study.
Do not click or follow the link supplied!
What To Check: The email is very "wordy" but not saying anything of note. They may use the name of an actual faculty/staff member, but keep in mind that every email will have a different phone number to text. When applying to any job on campus, a true employment opportunity will not ask you to text an individual, but will post the job accordingly.
Resolution: Please do not text any information to the number in the email. All Faculty and Staff official contact information can be found on the website. Forward the email to the ESU Phishing Team, and get their help.
- Urgent Open Slot Job Offer -- March 21, 2023
Urgent Open Slot Job Offer!!!
Reported: March 21, 2023
What: Phishing attack seeking workers # 2
Type: Phishing done via Email
Problem: An email, assumed to be sent from an ESU Professor offering employment as a Student Research Assistant.
Severity: High
Scenario: The email is sent as an urgent, limited job offer from a person seeking a Student Research Assistant. The job is being offered as a paid remote internship. The email requests that the student text the "professor" their full name, email, department and year of study. The wording is slightly different, but this is the same scam being conducted as the previous email on April 10th.
Do not click or follow the link supplied!
What To Check: The email is very "wordy" but not saying anything of note. They may use the name of an actual faculty/staff member, but keep in mind that every email will have a different phone number to text. When applying to any job on campus, a true job post will not ask you to text an individual, but will post the job accordingly. Even if you recognize these phishing emails, keep in mind that different variations may still be floating around. So be vigilant when reading your emails.
Resolution: Please do not text any information to the number in the email. All Faculty and Staff official contact information can be found on the website. Forward the email to the ESU Phishing Team, and get their help.
- Job Offer Email -- January 18, 2023
Job Offer
Reported: January 18, 2023
What: Phishing attack seeking workers
Type: Phishing done via Email
Problem: An email, assumed to be sent from ESU, offering employment as a Personal Assistant.
Severity: High
Scenario: The email is sent as a job offer from a person seeking a personal assistant. Duties include handling payments/monies, sending gifts, record keeping and paperwork. The email shows average or above average pay, few weekly work hours required and the comfort of working from home, school or any location. It requires you to click the link to continue and for more details.
Do not click or follow the link supplied!
What To Check: There are few details in the message beyond a big promise for little effort: it offers a convenient job that wouldn't take a lot of time away from a person. Also, the email suggests it's from Job Placement & Student Services, which is not a currently run department at ESU. Again, there are no other pertinent details explaining who they are, why they are sending the email, or proper ways to contact ESU in person.
Resolution: The email leaves no way to contact them or ESU except via the link provided. This would show as spam. Please do not follow or click the link provided. Forward the email to the ESU Phishing Team, and get their help.
- Important Message from the President - Shared A File With You -- January 17, 2023
Reported: January 17, 2023
What: Phishing attack requesting an immediate favor
Type: Phishing done via Email
Problem: A person impersonating a well-known or prominent member of ESU, asking for help.
Severity: High
Scenario: An email is sent from a high ranking official or prominent person. The person could be a member of ESU or not. The email states the message is important and has shared a file with you to open!
Do not open or download the file!
What To Check: There are very few details in the message except to say it's important, who it's from and what to. There are no other pertinent details explaining who it is, why they are sending it or what to do if you have questions. It's a direct and frank email that asks you to open the file. The message and details are very vague and too frank, asking just to open the file.
Resolution: You could contact the person or their office to verify the message. Better to send the email to the ESU Phishing Team, and get their help.
- Urgent Request To Purchase Apple Gift Cards -- Jan 17, 2023
Reported: January 17, 2023
What: Phishing attack requesting an immediate favor
Type: Phishing done via Text messages
Problem: A person impersonating a well-known or prominent member of ESU, asking for help.
Severity: High
Scenario: This phishing attack is an interactive text exchange with a caller pretending to be a high-ranking or prominent member of ESU. The offender calls or texts asking for a favor. They are in a meeting and cannot leave. They ask if you are available and could buy gift cards. They build the scene by asking if you are busy and if you have the time to do them a favor. They let you know this is an urgent matter.
Do not buy or send gift cards!
What To Check: It's hard not to take the text seriously since it's from an ESU official. But the person fully identifies himself. If you know or work with the ESU official, you and they would know this and there wouldn't be such a formal introduction.
Also, they test your sincerity. The request is posed as an urgent request and not a command to be executed. What is asked is also in question. Why would you go to the local store, Walmart or CVS? This would take time. Also, you may assume the gifts should be brought to the meeting or the gift card mailed/emailed after the meeting.
Be curious about this texting. Check for irregularities. You will notice the email is signed by an ESU member but the email address is not theirs or not an ESU email account. Check the list of senders. You may see a list of emails that received this notice, and some or all may be unfamiliar or not sent to ESU members. Also, check the notice. It says it's an urgent or immediate request, prompting you to respond quickly. Very little to no other instructions are given except to open the file from a prominent ESU member. So unless you are expecting this, do not open the email or click the link.
Resolution: You could contact the ESU official and/or their office to see if they are in a meeting as stated. Contact the owner or their office to verify the email. If it's not a legitimate request or you believe the email is false, please forward the email to the ESU Phishing Team, to check the email and make updates to our Spam and Phishing security.
- Document Shared with you: "Evaluation.Docx" -- May 02, 2022
Reported: January 17, 2023
What: Phishing attack requesting to share a fake Word Doc
Type: Email, Word Doc
Problem: A person is sharing a Word document, pretending it is part of a group project, and you are asked to do your share by reading and opening the document.
Severity: High
Scenario: The spammer is pretending to share a document with a group. They hope you believe it's a document for a group or project you are working on, and they want you to open the file.
Do not download the file, click the open button or open the file
What To Check: Check the author of the email. The name is a prominent or high-ranking member of the ESU staff but the email address is not an ESU email account. Official ESU correspondence will be sent from ESU email accounts. Also, the document is a script file, meaning it will be code that may be executed upon reading. So this may contain a virus or other malicious program.
The spammer took advantage of the free services offered by Google, Dropbox or other services to send a malicious program or virus to your account.
Resolution: If you see an email with errors such as this, do not open or click the link that is offered. If you question whether the email is for you, you can contact the owner or their office and find out if they sent the email. If it's not a legitimate request or you believe the email is false, please forward the email to the ESU Phishing Team, to check the email so we can make updates to our Spam and Phishing security.
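Several of the alerts above rest on the same checks: the sender address does not end in esu.edu, the display name borrows an ESU name or title while the address is external, or the subject is missing. The Python below is an added example, not ESU's own tooling; the function names, the choice to accept subdomains of esu.edu, and every sample message and address are assumptions constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

ESU_DOMAIN = "esu.edu"  # the alerts: genuine ESU mail ends with this domain


def is_esu_address(address):
    """True only for user@esu.edu or user@<sub>.esu.edu (subdomains: assumption)."""
    local, at, domain = address.strip().lower().rpartition("@")
    if not (local and at and domain):
        return False
    domain = domain.rstrip(".")
    # Exact or dot-anchored match, so "my-esu.edu" and
    # "esu.edu.example.net" are not mistaken for the university.
    return domain == ESU_DOMAIN or domain.endswith("." + ESU_DOMAIN)


def check_message(raw):
    """Return the warning signs named in the alerts that this message shows."""
    msg = message_from_string(raw)
    display_name, address = parseaddr(msg.get("From", ""))
    findings = []
    if not is_esu_address(address):
        findings.append("sender is not an esu.edu address")
        # Display name borrows ESU authority while the address is external.
        name = display_name.lower()
        if "esu" in name or "president" in name:
            findings.append("display name claims ESU, address does not")
    if not (msg.get("Subject") or "").strip():
        findings.append("no subject line")
    return findings


# Constructed sample messages; all addresses are placeholders.
LOOKALIKE = (
    "From: ESU Online Support <helpdesk@esu.edu.example.net>\n"
    "Subject: Update your 2FA\n\nScan the QR code.\n"
)
NO_SUBJECT = (
    "From: Director Name <director@example.org>\n\n"
    "Are you available? What is the best cellphone number to text you?\n"
)
INTERNAL = (
    "From: Campus Office <office@esu.edu>\n"
    "Subject: Maintenance window\n\nScheduled maintenance tonight.\n"
)

if __name__ == "__main__":
    for label, raw in [("lookalike", LOOKALIKE), ("no subject", NO_SUBJECT),
                       ("internal", INTERNAL)]:
        print(label, "->", check_message(raw) or "none of these signs")
```

The From header is supplied by the sender and can be forged, so an empty result only means these particular signs are absent; a suspicious message should still be forwarded to the ESU Phishing Team.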
What to do...
Contact Us
Contact Information
- Campus Address: Science & Technology Center
- Phone: (570) 422-3995
- Title of Department Leader: Senior Manager of Web Services
- Name: Omar Williams
- E: owilliams7@esu.edu