Month: December 2023

In these days when the cost of living is so high, the prospect of getting generous pay for part-time work would be appealing, but scammers are well aware of that and trying to take advantage. The following job scam claims to offer an opportunity with the UN World Food Programme, but in reality the email was sent from a compromised account at another Canadian university.

A major red flag is that the email asks you to reply to a Gmail address. A real UN job offer would not ask you to contact an email address from a free email provider like Gmail, Hotmail/Outlook or Yahoo. Also, the fact that the email contains grammatical errors is another sign that the offer is not legitimate.

Remember, if you receive a job offer out of the blue and it offers a generous salary for a minimal amount of casual part-time work, in all likelihood it is a scam. In general, if an offer sounds too good to be true, it probably is. If you replied to this email, contact the Computer Help Desk or your department’s IT support staff immediately for assistance.

From: [redacted]
Subject: Don’t sleep on this!

Notice: This message was sent from outside the University of Victoria email system. Please be cautious with links and sensitive information.

I am sharing job opportunity information to anyone who might be interested in a World food programme Part-Time job with a weekly pay of $600.00. If interested, kindly contact Dr. Mattias on his email address.

(k*****02@gmail.com) for details of employment.

N.B, this is strictly a work from home position.

There is no reason for anyone to open the attachment in this email as it is clearly a phish. It is not clearly stated what this invoice is for, or which organization is sending this invoice. Everything in this email is generic, be it the sender name, salutation, signature, subject and file name.

Never be curious about email attachments as opening those can lead to malware on your device. Hence, only open attachments which are coming from your known sources and you were expecting it.

Subject: Check attached invoice as requested
Sender: Administrator <****debiz.com>
Attached file: INVOICE0001.html

Hello,

I hope you’re well. Please see attached invoice number [40433] for Order MT476/2023, due on 12/16/2023. Don’t hesitate to reach out if you have any questions.

Yours truly
Sarah.

 

Another run of the high volume phish encountered yesterday. To spot the phishing signs check out the post below:

IMPORTANT: Verification

Below is the sample of the new variant:

Subject: UVIC IMPORTANT VERIFICATION!
Sender: University of Victoria <****>

Notice: This message was sent from outside the University of Victoria email system. Please be cautious with links and sensitive information.

Your UVIC Google account has been filed under the list of accounts set for deactivation due to retirement / graduation or transfer of the concerned account holder. But the record shows you are still active in service and so advised to verify this request otherwise give us reason to deactivate your University of Victoria account.

Please Verify your UVIC account immediately to avoid Deactivation. Verify Here [Phishing link]

Please note the one-time submission and entry only..

Warm Regards,

3800 Finnerty Road
Victoria BC V8P 5C2 Canada
UVIC IT Help Desk

This phish uses scary tactic to get the user to take action to click on the link. The sender email address is external to UVic, the subject of the email is very generic, link is also external to UVic (check by hovering over it), it has formatting errors, and signature is also very generic. All these are phishing signs.

Always think and look for red flags in an email before taking an action. Whenever in doubt contact helpdesk.

Subject: IMPORTANT: Verification
Sender: Help Desk IT support <****>

Notice: This message was sent from outside the University of Victoria email system. Please be cautious with links and sensitive information.

Your UVIC account has been filed under the list of accounts set for deactivation due to retirement / graduation or transfer of the concerned account holder. But the record shows you are still active in service and so advised to verify this request otherwise give us reason to deactivate your University of Victoria account.

Please Verify your UVIC account immediately to avoid Deactivation. Verify Here [Phishing link]

Please note the one-time submission and entry only..

Warm Regards,

Help Desk Support – 24/7

Unlimited remote Help Desk IT support 24 hours a day, 365 days per year

As the holidays approach, phishing attempts related to parcel updates (such as delays, imminent arrivals, tracking information, and requests for confirmation) become increasingly common.
These messages may contain links to malicious sites or fake login pages. An example of such a message that circulated today is shown below. Please resist the urge to click on these links out of curiosity. Instead, hover your mouse over the link to verify that it does not actually lead to the website of the supposed parcel courier.

Hello dear ,

Your DHL Express shipment with waybill number CS/4792938456 is on its way. We will require a signature at the time of delivery. Shipment is subject to delivery duties taxes and clearance fees.

In order to avoid impact on delivery, please complete shipping info safely online to pay, view the calculation and track your shipment here.

Update and Track parcel<link to the malicious cite>

DHL is attempting to maintain a reliable shipping and delivery service for our customers. Thanks for your patience and understanding and wish to thank you so much for using DHL services.

​

Thank you for using On Demand Delivery.

DHL Express – Excellence. Simply delivered.

These types of job scams are not new. As always, impersonating a real UVic professor to make the job offer look legitimate.

Here are some of the red flags:

• The email comes from a Gmail address. Emails about real UVic job offers should come from a UVic email address.
• The salary offered is too good to be true, that too for a part-time job.
• The email requests your Google Chat email. Scammers often request alternative contact information to evade UVic detection.
• The sender name does not match the name of the professor supposedly offering the job.

Never reply to such scams, always look for warning signs before taking any action. If you did reply, please stop any further conversation and reach out to helpdesk for assistance.

Subject: Part-Time Job Opening
From: Dr. Stanley Chukwuka Jung <****@gmail.com>

Notice: This message was sent from outside the University of Victoria email system. Please be cautious with links and sensitive information.

The service of a student assistant is urgently required to work part-time and get paid $400 weekly. Tasks will be carried out remotely and work time is 8 hours in a week.
If interested, submit a copy of your updated resume and a functional google chat email address to our Department of Anthropology via this email address to proceed.

 

Regards
[impersonated professor name]
Assistant Professor Of Anthropology
Department of Anthropology
Office: ****