Latest Alerts

Cellphone Request From Manager -- April 28, 2023

Cellphone Request From Manager

Hacker seeking cellphone of an employee at ESU

Reported: April 28, 2023

What: Phishing attack seeking workers personal cellphone number

Type: Phishing done via Email

Problem: An email, assumed to be sent from an ESU employee or manager asking for a co-workers personal cellphone number.

Severity: High

Scenario: An email is sent from a manager or supervisor to their employee asking for their personal cellphone number.  The message is short.  Asking if they are available and what is the best cellphone number to text them.

Do not respond with personal, private or ESU information!

What To Check: The email is very convincing.  Using the correct ESU's director name and title.  Several parts are amiss.  First, it is sent from a non-ESU( issued email address.  If they are emailing you internally, you would not see the message "originated outside ESU".  Next, there is no subject to the message.  Also, the message was flagged in the ESU Junk Mail system.   Finally, there is not a personal greeting or a more secure way of relaying the information, such as handing the information in person.

Resolution:  Please do not text any information in response to the email. Forward the email to the ESU Phishing Team, and get their help.

RA Needed Urgently: Job Offer -- April 10, 2023

RA Needed Urgently: Job Offer

Message from hacker offer a job

Reported: April 10, 2023

What: Phishing attack seeking workers # 1

Type: Phishing done via Email

Problem: An email, assumed to be sent from an ESU Professor offering employment as a Student Research Assistant.

Severity: High

Scenario: Email is sent as an urgent limited Job Offer. With the person seeking a Student Research Assistant. The job is being offered as a paid remote internship. The email is requesting that the student text the "professor" their full name, email, department and year of study.

Do not click or follow the link supplied!

What To Check: The email is very "wordy" but not saying anything of note. They may use the name of an actual faculty/staff member, but keep in mind that every email will have a different phone number to text. When applying to any job on campus, a true employment opportunity will not ask you to text an individual, but will post the job accordingly.

Resolution:  Please do not text any information to the number in the email. All Faculty and Staff official contact information can be found on the website. Forward the email to the ESU Phishing Team, and get their help.

Definitions and Support

Phishing generally consists of a link in your email which leads to a fake form or login page.

Cybercrime includes spam, viruses, denial of service attacks, malware (Malicious code), fraud, identity theft, and social engineering attacks.

How to Identify

Though evidence is not always needed when reporting a cybercrime, it is important to keep all records relating to your complaint. Items that should be preserved include:

  • Canceled checks
  • Certified mail receipts and envelopes
  • Money order receipts
  • Wire receipts
  • Chat room and newsgroup texts
  • Credit card receipts
  • Facsimiles
  • Log files with the date, time, and time zone
  • Messages from Facebook, Twitter, and other social networking sites
  • Pamphlets and brochures
  • Phone bills
  • Printed or electronic copies of email messages with full header information
  • Printed or electronic copies of web pages

Phished or Scammed - Do this first!

  1. Reset all passwords of accounts associated with this incident (email, bank, social media accounts).
  2. Turn on two-factor or multi-factor authentication on all accounts that offer it.
  3. If you provided any personally identifiable information, you should complete the checklist for next steps.
  4. For any financially related fraud:
    1. Check your bank accounts frequently for unauthorized charges.
    2. Contact your bank to report all unauthorized transactions.
    3. Get your free annual credit reports.
    4. Consider placing a free credit freeze.
    5. If you place a freeze, you'll have to lift the freeze before you apply for a new credit card or cell phone - or any service that requires a credit check.
    6. If you decide not to place a credit freeze, at least consider placing a fraud alert.
    7. If you gave a scammer your Social Security Number, file your taxes as quickly as possible, before the scammer can.
Federal Trade Commision

The Federal Trade Commission (FTC) operates the Consumer Sentinel, a secure online database used by civil and law enforcement agencies worldwide to expose patterns of cybercrime.

You can file a complaint at:

Local Law Enforcement
Regardless of whether the cybercrime takes place over multiple jurisdictions, your local police department must take a formal report and refer the case to other agencies, when appropriate. Some local agencies have departments that focus specifically on cybercrime.
Internet Crime Complanit Center

The Internet Crime Complaint Center (IC3) is a partnership between the FBI and the National White Collar Crime Center. IC3 reviews complaints related to cybercrime and refers them to the appropriate agencies.

You can file a complaint online at: FBI Internet Crime Complaint Center IC3

Better Business Bureau

The Better Business Bureau investigates disagreements between businesses and customers.

You can file a complaint online at: Better Business Bureau

U.S. Postal Inspection Service

The U.S. Postal Inspection Service investigates fraudulent online auctions and other cases involving the mail.

You can file a complaint online at: United States Postal Inspection Service

How can you tell if an email message is a fraud?

It can be very difficult to tell if a message is fraudulent. This is why phishing schemes are widespread and successful for criminals.


Attackers use different methods of deception as phishing strategies. They create fake messages and websites, that imitate the original ones. With their help, they will try to lure you into handing over your personal information. The messages will ask you to reply to them, follow a link included in the message or download an attachment. The communication appears to be initiated by a legitimate person or company. Famous phishing attacks imitate messages from financial institutions, government agencies, online retailers and services, social networks, or even from a friend or colleague.

To make phishing look genuine, attackers include photos and information from the original website. They may even redirect you to the company’s website and collect the data through a false pop-up window. Or it can happen the other way around: the attacker first requests your personal data, then redirects you to the real website. Other times, the message tells you that you have been targeted by a scam and that you urgently need to update your information in order to keep your account safe.

Things to look out for
  • Requests for personal information in an e-mail message
    Most legitimate businesses have a policy that they do not ask you for your personal information through e-mail. Be very suspicious of a message that asks for personal information even if it might look legitimate.
  • Urgent wording
    Wording in phishing e-mail messages is usually polite and accommodating in tone. It almost always tries to get you to respond to the message or to click the link that is included. To increase the number of responses, criminals attempt to create a sense of urgency so that people immediately respond without thinking. Usually, fake e-mail messages are NOT personalized, while valid messages from your bank or e-commerce company generally are.
  • Fake links
    Phishers are getting very sophisticated in their ability to create misleading links to the point where it is impossible for the average person to tell if the link is legitimate or not. It’s always best to type in the Web address or URL you know is correct into your browser. Also you can save the correct URL to your browser “Favorites.” Do not copy and paste URLs from messages into your browser. Some of the techniques that criminals have used in the past to fake links are as follows:
  • Message body is an image not text
    To avoid detection by spam filters, fake e-mail messages used in phishing schemes often use an image instead of text in the message body. If the sent spam message uses real text, the Outlook Junk E-mail Filter will very likely move the message to the Junk E-mail folder. The message body image is usually a hyperlink, you can tell because when you rest the pointer on the message body, the pointer becomes a hand.
  • Promises that seem too good to be true
    Use common sense and be suspicious when you are offered money or discounts that seem too good to be true.
Best practices to protect yourself
  • Never reply to e-mail messages that request your personal information
    Be very suspicious of any e-mail message from a business or person that asks for your personal information — or one that sends you personal information and asks you to update or confirm it.
  • Don’t click links in suspicious e-mail
    Don’t click a link contained in a suspicious message. Instead, visit Web sites by typing their URL into your browser or by using your Favorites link. Do not copy and paste links from messages into your browser.
  • Change your password regularly or if you suspect any compromise
    Once you have made the password change notify the provider of the service/account in question directly regarding the possibility of fraud or compromise.
  • Don’t send personal information in regular e-mail messages
    Regular e-mail messages are not encrypted and are like sending a post card, anyone whose hands it passes through can read its content.
  • Do business only with companies you know and trust
    A legitimate business Web site should always have a privacy statement that specifically states that the business won’t pass your name and information to other people.
  • Make sure the Web site uses encryption when personal information is being transacted
    The Web address should be preceded by https:// instead of the usual http:// in the browser’s address bar. Also, double-click the lock icon on your browser’s status bar to display the digital certificate for the site. The name that follows “Issued to” in the certificate should match the site that you think you’re on. If you suspect that a Web site is not what it should be, leave the site immediately and report it. Don’t follow any of the instructions it presents.
  • Monitor your transactions
    Review your order confirmations and credit card and bank statements as soon as you receive them to make sure that you’re being charged only for transactions you made. Immediately report any irregularities in your accounts by dialing the number shown on your account statement. Using just one credit card for online purchases makes it easier to track your transactions.
  • Use credit cards for transactions on the Internet
    In most locales, your personal liability in case someone compromises your credit card is significantly limited. By contrast, if you use direct debit from your bank account or a debit card, your personal liability frequently is the full balance of your bank account. In addition, a credit card with a small credit limit is preferable for use on the Internet because it limits the amount of money that a thief can steal in case the card is compromised. Better yet, several major credit card issuers are now offering customers the option of shopping online with virtual, single-use credit card numbers, which expire within one or two months. For more details, ask your bank about perishable virtual credit card numbers.

How to deal with phishing emails

Contact Us

Can't find what you are looking for? Please contact Omar Williams, Steve LaBadie, or Frank Bright

Contact Information

Campus Address
Science & Technology Center
(570) 422-3995
Title of Department Leader
Senior Manager of Web Services
Omar Williams