- Secure Remote Work
- Infosec Guidebook
- Awareness & Training
- GRC Team Services
- Policies & Rules
Scammers are actively emailing students with a fake job opportunity to swindle students out of money. These scammers are posing as professors or job recruiters from other companies and offering large sums of money. Often, the work will involve simple, easy “administrative tasks” such as finding the price of items in a store and purchasing gift cards. The sums of money offered range from $300 to $800 for a few hours of work. Ultimately, the scammers want students to either purchase gift cards (and send the gift card information to them), or they want students to cash phony checks. In this way, they can gain access to your personal as well as bank account information.
A good rule of thumb when trying to decide if an email is an employment scam or not is that if it looks too good to be true, it probably is.
Here are some quick indicators that a job opportunity may be a scam:
If you or anyone you know has sent their banking information to one of these scammers, report it to the police. As always, you can also forward emails to [email protected] if you're unsure.
You can find instructions to set up your Outlook in Microsoft or Mac desktop or laptop to report phishes at the touch of a button by clicking here.
Example employment scam email:
Ransomware is an ever-evolving form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption. Ransomware attacks are some of the most common cyber attacks on the Oregon State Community.
Phishing is a form of social engineering. Phishing attacks use email or malicious websites to solicit personal information by posing as a trustworthy organization. For example, an attacker may send email seemingly from a reputable credit card company or financial institution that requests account information, often suggesting that there is a problem. When users respond with the requested information, attackers can use it to gain access to the accounts.
Phishing attacks may also appear to come from other types of organizations, such as charities. Attackers often take advantage of current events and certain times of the year, such as
In a social engineering attack, an attacker uses human interaction (social skills) to obtain or compromise information about an organization or its computer systems. An attacker may seem unassuming and respectable, possibly claiming to be a new employee, repair person, or researcher and even offering credentials to support that identity.