Reaching Others University at Buffalo - The State University of New York
Skip to Content

UBIT SECURITY ALERT, 05/07/2014

Cyber-Related Scams Targeting Universities, Employees and Students

The UB Information Security Office has received information from The Internet Crime Complaint Center (IC3) about cyber-related scams targeting universities, employees, and students.  The IC3 is aware of multiple scams targeting universities, university employees, and students across the nation. The scams range from Internet fraud to intrusions.

Description

The following are common scenarios:

  • Spear phishing e-mails are being sent to university employees that appear to be from their employer. The e-mail contains a link and claims some type of issue has risen requiring them to enter their log-in credentials. Once employees provide their user name and password, the perpetrator accesses the university's computer system to redirect the employeesâ•˙ payroll allocation to another bank account. The university employees' payroll allocations are being deposited into students' accounts. These students were hired through online advertisements for work-at-home jobs, and provided their bank account information to the perpetrators to receive payment for the work they performed.
  • Scammers are posting online advertisements soliciting college students for administrative positions in which they would receive checks via the mail or e-mail. Students are directed to deposit the checks into their accounts, and then print checks and/or wire money to an individual. Students are never asked to provide their bank account information to the perpetrators.
  • Perpetrators are compromising students' credential resulting in the rerouting of their reimbursement money to other bank accounts. The reimbursement money is from student loans and used to pay tuition, books, and living expenses.
  • Perpetrators are obtaining professors' Personally Identifiable Information (PII) and using it to file fraudulent income tax returns.
  • Some universities have been victims of intrusions, resulting in the perpetrators being able to access university databases containing information on their employees and students.


If you have been a victim of one of these scams we encourage you to  notify UB's Information Security Office at sec-office@buffalo.edu as soon as possible.

Stay Safe

To learn more about protecting yourself from phishing attacks and other computer-related risks, visit the UBIT website:
http://www.buffalo.edu/ubit/service-guides/safe-computing.html

DATE ACTIVE:

5/7/2014

THREAT LEVEL:

Not Applicable

TYPE:

Phish

Did This Page Answer Your Question?

(Required)
 
Email, UBITName or phone number
(Required)
Enter the letters or numbers you see below in the space provided. Click "Get a new challenge" if they are not readable.