Recent Phishing Scams
Two recent phishing scams have targeted numerous NJIT community members. Information Services & Technology (IST) is alerting the community while actively working to flag such messages as suspicious. Remember many of these alerts will only appear in the Gmail web interface.
Gift card scam
The gift card scam lures employees into buying gift cards through spoofed emails and sometimes even text messages.
- Begins with a short conversational message such as “Are you there?”
- Appears to be from a NJIT colleague, but is actually sent from the scammer’s email account.
- If you respond the scammer will reply, and the conversation quickly turns into a request to purchase gift cards.
- Any time an unsolicited email conversation turns into a request to purchase gift cards, it is very likely to be this scam.
- Protect yourself from this scam by carefully examining the sender’s email address.
- If it differs from the sender’s normal address, stop and forward the message to abuse@njit.edu.
Some additional information about gift card scams can be found here. https://www.consumer.ftc.gov/articles/paying-scammers-gift-cards
Sextortion scamThe sextortion scam begins with an email sent to the victim with threats of revealing evidence of embarrassing online activity such as visiting pornographic websites.
- Sender claims to have screenshots or webcam video of the activity
- Threatens to send these videos or screenshots to your friends and family.
- Many times a password used by the victim that has been obtained through external data breaches, leading the victim to believe that threat is valid.
- Scammer will demand payment in exchange for not revealing the embarrassing activity.
If you receive such a message or any message you feel is suspect, do not respond and do not click on any links in the message. Instead, forward the message to abuse@njit.edu along with the email headers. https://ist.njit.edu/email-headers/
NJIT Cyber Safe and Secure
2019-04-24
Cyber security is our shared responsibility. Always STOP, THINK before you click or respond to any type of electronic communication.