Share:

Please Continue to be Vigilant with Cyber Security

May 06, 2021

by Randy Hollowell, IT Services

As we look outside we can see that it has become spring, and soon the season will be turning to summer. Unfortunately, it seems that it is always a season for scammers. Scams can come in all shapes and sizes, but here are some we wanted to make you aware of either because they have recently hit close to home, or have the potential to directly impact the Miami community.

Email phishing messages offering employment/internship opportunities

Over the past few years, the information security team has seen numerous versions of a fraudulent email offering employment or internships for faculty and students. The messages are generally sent from a non-Miami email account and have a variation of the subject “Internship during school year.”

Many versions claim to be from particular professors. The idea is the same: The email is a scam offering faculty or student employees money for assistant services.

The scam email usually contains some version of this sentence: 

This is a very simple employment. You will only help me Mail letters, Make payments at Walmart and purchase some Items when needed. This employment only takes an hour a day and 3 times a week for $620 weekly.

If you receive this email, please do not respond or click on any links within; just delete the message. This is common phishing practice to try to get recipients to click on fraudulent links and unknowingly download malicious programs to your machine, or steal personal data.

Fingers typing on the keyboard of a laptopIf you receive a message that you suspect to be a phishing message, please forward it to InfoSec@MiamiOH.edu. This allows the information security team to block sites that may be associated with phishing attacks. If you ever feel you may have responded to a fraudulent message or clicked a link in one, please contact IT Help immediately at 513-529-7900.

Phone scams

According to the Social Security Administration, there has been an uptick lately on an all-to-common telephone scam. The gist of the message is:

Your Social Security number has been suspended. If you do not contact us, your account will be deactivated.

Scammers tend to be aggressive when they contact a potential victim. Please be aware that Social Security Administration employees will never threaten you for information or promise benefits in exchange for information. In these cases, the call is fraudulent, and you should just hang up. Don’t provide any personal or financial information to these thieves.

Tax Scams

Earlier this year the Internal Revenue Service (IRS) warned of an ongoing IRS-impersonation scam that appears to primarily target educational institutions, including students and staff who have ".edu" email addresses.

The IRS has received complaints about the impersonation scam in recent weeks from people with email addresses ending in ".edu." The phishing emails appear to target university and college students from both public and private, profit and non-profit institutions. Taxpayers who believe they have a pending refund can easily check on its status at Where's My Refund? on IRS.gov.

The suspect emails display the IRS logo and use various subject lines such as "Tax Refund Payment" or "Recalculation of your tax refund payment." It asks people to click a link and submit a form to claim their refund. The phishing website requests taxpayers provide a bunch of information, including:

  • Social Security number
  • Name
  • Date of Birth
  • Prior Year Annual Gross Income (AGI)
  • Driver's License Number
  • Electronic Filing PIN

People who receive this scam email should not click on the link in the email, but they can report it to the IRS at phishing@irs.gov.

Taxpayers who believe they may have provided identity thieves with this information should consider immediately obtaining an Identity Protection PIN. This is a voluntary opt-in program. An IP PIN is a six-digit number that helps prevent identity thieves from filing fraudulent tax returns in the victim's name.

Taxpayers who attempt to e-file their tax return and find it rejected because a return with their SSN already has been filed should file a Form 14039, Identity Theft Affidavit PDF, to report themselves as a possible identity theft victim. See Identity Theft Central to learn about the signs of identity theft and actions to take.

Ransom Attack

IT Services and the information security team have recently become aware that a scam email trying to exploit money out of users (AKA “ransomware”) has been making the rounds of Miami inboxes.

This email appears to be from a non-Miami email. Please do not open any attachments. Simply delete the email message.

The email begins with a paragraph that looks like something along these lines:

As you can see, this is not a formal email, and unfortunately, it does not mean anything good for you. BUT do not despair, it is not critical. I am going to explain to you everything right now.
I have access to your electronic devices, which are the part of the local network you regularly use. I have been tracking your activity for the last few months.
How did that happen? You visited some hacked adult websites with Exploit, and your device was exposed to my malicious software (I bought it in Darknet from specialists in this field). This is a very complex software, operating as Trojan Horse. It updates regularly, and your antivirus can not detect it. The program has a keylogger; it can turn your camera and microphone on and off, send files and provide access to your local network.

Don’t worry -- none of this is true. Again: Don’t respond to the email and don’t open any attachments -- just delete the message.

If you receive an email that you suspect to be a phishing or ransomware message, please forward the message to InfoSec@MiamiOH.edu. This allows the information security team to block sites that may be associated with phishing attacks. If you ever feel you may have responded to a fraudulent message or clicked a link in one, please contact IT Help immediately at 513-529-7900.

For more tips about remaining secure online and at Miami, visit our Information Security website.