ALERTS

STUDENTS INTERN type or similar Scam (Mar 3 9:30 am)

Members of the university community, especially students, have been targeted by phishing attacks in which the attackers impersonate a UH Professor. The attackers are using names of actual UH Professors in these phishing emails, along with a phone number to text. The attacker will contact the victim, often under the pretext of being related to an employment opportunity, and then engages with and persuades the victim to send out emails from the victim's hawaii.edu account. The attacker provides the text of the message to send, as well as a list of email addresses. Once the victim has sent out the emails, the attacker will provide the victim with a fake check as "payment".
 
Although in this scam the attacker does not gain access to the victim's account, the victim is affected in the following ways:

• Due to the amount of emails sent out, the victim's hawaii.edu account could be disabled by ITS or locked by Google.
• Since the emails are coming from a hawaii.edu account, it may lull others into believing the emails are legitimate.
• Sending phishing emails from a hawaii.edu account could damage the reputation of the hawaii.edu domain and impact email deliverability.
• Cashing or depositing a fraudulent check can have consequences for the financial institution the victim banks at, and can lead to their account being frozen while further investigation is conducted by the authorities - even if they did not realize the check was fake.

• Do not give out any personal information.
• Do not respond to unknown individuals from your personal mobile phone number.
• If the person asks you to send out email messages on their behalf, stop engaging with the person immediately.