A phishing email seeming to notify RIT students of issues with their immigration and citizenship status. This email urges students to click on the provided link or call the number to avoid arrest and any further problems. Below is a list of several red flags found in the email and a screenshot of the phish:
First step in a business email compromise (BEC) account is reconaissance. This email looks harmless, but enables the attacker to start a dialog with the reciepient. After engaging in conversation, the attacker will typically ask the recipient to purchase gift cards, and provide the numbers to them. The attacker will cash out the gift cards within seconds.
A phishing email encouraging all students and staff members to update their "EDU" in order to access new features and avoid an account deactivation. Below you will find a list of red flags within the email and a screenshot of what the phish looked like.
There are several similar phishing emails with requests targeting the RIT community. If you receive a similar email, especially from someone without an RIT email, report it to firstname.lastname@example.org and then delete it immediately.
LEGITIMATE MESSAGE: February 14-15 ONLY. Because of bank mergers, RIT payroll changed the information on several hundred direct deposit accounts. If you received a notification, please review your direct deposit information on myInfo. Thank you for helping RID RIT of Phish!