Information Technology Services IT Security Office

George Mason University IT Security Alerts

10/23/18: Circulation of a Second Phishing Email October 23, 2018 3:15 PM

A new phishing email is circulating the George Mason University community. This is a copy of the latest phishing email. If you get this message, DO NOT reply, DO NOT click any links, DO NOT open any attachments and DO NOT provide any personal information. Delete the bogus email. We never ask for this information via email. The Email Group is working on the list of who received the email and is closing the accounts of those who responded to it.

THE PHISHING EMAIL LOOKS LIKE THIS:

From: Omran Shaalan <nlbh1965@outlook.com>
To: s…@masonlive.gmu.edu
Subject: When I hear from you I will detail you more.,.,

Greetings to you,,,,
I am from Syria.Please I will like to invest in your country
When I hear from you I will detail you more.
The CEO,
Omran Shaalan
 
BE AWARE: Messages of this type are malicious phishing* attacks. Do not respond. If you have responded contact the ITS Support Center at 703-993-8870 or via email at support@gmu.edu. 

*Phishing is a term used by hackers who imitate legitimate companies and organizations in emails to entice users to share passwords, Social Security numbers, credit card or bank account numbers. 

The Federal Trade Commission warns that victims of phishing can become victims of identity theft and offers tips on how to avoid it at www.ftc.gov/bcp/edu/microsites/idtheft/index.html.  

10/23/18: Circulation of a New Phishing Email October 23, 2018 10:26 AM

A new phishing email is circulating the George Mason University community. This is a copy of the latest phishing email. If you get this message, DO NOT reply, DO NOT click any links, DO NOT open any attachments and DO NOT provide any personal information. Delete the bogus email. We never ask for this information via email. The Email Group is working on the list of who received the email and is closing the accounts of those who responded to it.

THE PHISHING EMAIL LOOKS LIKE THIS:

From: <netid@gmu.edu>
Date: October 23, 2018 at 6:30:02 AM EDT
To: (netid@gmu.edu>
Subject:netid@gmu.edu is hacked
Hello!

My nickname in darknet is des53.
I hacked this mailbox more than six months ago. Through it I infected your operating system with a virus (trojan) created by me and have been monitoring you for a long time.

Even if you changed the password after that - it does not matter, my virus intercepted all the caching data on your computer
and automatically saved access for me.

I have access to all your accounts, social networks, email, browsing history.
Accordingly, I have the data of all your contacts, files from your computer, photos and videos.

I was most struck by the adult sites that you occasionally visit.
You have a very wild imagination, I tell you!

During your pastime and entertainment there, I took screenshot through the camera of your device, synchronizing with what you are watching.
Oh my god! You were so funny and excited!

I think that you do not want all your contacts to get these files, right?
If you are of the same opinion, then I think that $900 is quite a fair price to destroy the dirt I created.

Send the above amount to my Bitcoin wallet: 39JmAEBJ8kr6527QR8xFnAbtYGhVTUSz9J

As soon as the above amount is received, I guarantee that the data will be deleted, I do not need it.

Otherwise, these files and history of visiting sites will get all your contacts from your device.
Also, I'll send to everyone your contact access to your email and access logs, which I have carefully saved.

Since reading this letter you have 48 hours!
After your reading this message, I'll receive an automatic notification that you have seen the letter.

I hope I taught you a good lesson.
Visit safe websites only, and don't enter your passwords anywhere!
Good luck!
 
BE AWARE: Messages of this type are malicious phishing* attacks. Do not respond. If you have responded contact the ITS Support Center at 703-993-8870 or via email at support@gmu.edu. 

*Phishing is a term used by hackers who imitate legitimate companies and organizations in emails to entice users to share passwords, Social Security numbers, credit card or bank account numbers. 

The Federal Trade Commission warns that victims of phishing can become victims of identity theft and offers tips on how to avoid it at www.ftc.gov/bcp/edu/microsites/idtheft/index.html.  

10/18/18: Circulation of a New Phishing Email October 18, 2018 10:53 AM

A new phishing email is circulating the George Mason University community. This is a copy of the latest phishing email. If you get this message, DO NOT reply, DO NOT click any links, DO NOT open any attachments and DO NOT provide any personal information. Delete the bogus email. We never ask for this information via email. The Email Group is working on the list of who received the email and is closing the accounts of those who responded to it.

THE PHISHING EMAIL LOOKS LIKE THIS:

From: Pearl Morgan <eric6779@seed.net.tw>
Sent: Wednesday, October 17, 2018 8:23:14 PM
Subject: RE: Re Warrant ID#ON/7722 / WARRANT FOR YOUR ARREST. 
 
Notice with immediate effect
Outstanding Amount: $1450.61

Loan A/C NO: #MS6/72B/35S-13

This is Pearl Morgan From credit control department. This is the last
and final chance for you.

In order to notify you that after making calls to you on your phone number
we were not able to get a hold of you. So the accounts department has
decided to mark this case as a flat refusal and press legal charges
against you.

CASE File NO: 03475752
Amount Outstanding: $1450.61

This Legal Proceedings issued on your Docket Number RVS-86012097
WARRANT ID :- #02081609 which will be going to release on Friday noon 2 P.M.

WE MAY REPORT INFORMATION ABOUT YOUR ACCOUNT TO CREDIT 
BUREAUS. LATE PAYMENTS, MISSED PAYMENTS

We have sent you this warning notification about legal proceedings in May
2016. But you failed to respond on time. This time,  If you
fail to respond then we will register this case in court. Consider this as
a Final Warning. And we will be Emailing/ Fax this issue to your Current
Employer to make sure they take strict actions against you. Your salary,
wages will be garnished.

Do revert back if you want to get rid of these Legal Consequences and make
a payment arrangement today or else we would be proceeding legally against
you. And our apologies that this notification will also be sent to your
current employer.

The opportunity to take care of this voluntary is
quickly coming to an end. We would hate for you to lose the option of
resolving this before it goes to the next step which is a Lawsuit against
you, but to do so you must take immediate action.

You can Email back to get the payment mode too.

Please let us know what your intention is by today itself so we can hold
the case or else we will submit the paperwork to your Local County Sheriff
Department and you will be served with a court summons at your door step

(Collection Team)
3017 Douglas Blvd Roseville CA 95661 United States 
 
BE AWARE: Messages of this type are malicious phishing* attacks. Do not respond. If you have responded contact the ITS Support Center at 703-993-8870 or via email at support@gmu.edu. 

*Phishing is a term used by hackers who imitate legitimate companies and organizations in emails to entice users to share passwords, Social Security numbers, credit card or bank account numbers. 

The Federal Trade Commission warns that victims of phishing can become victims of identity theft and offers tips on how to avoid it at www.ftc.gov/bcp/edu/microsites/idtheft/index.html.  

10/17/18: Circulation of a New Phishing Email October 17, 2018 4:07 PM

A new phishing email is circulating the George Mason University community. This is a copy of the latest phishing email. If you get this message, DO NOT reply, DO NOT click any links, DO NOT open any attachments and DO NOT provide any personal information. Delete the bogus email. We never ask for this information via email. The Email Group is working on the list of who received the email and is closing the accounts of those who responded to it.

THE PHISHING EMAIL LOOKS LIKE THIS:

 

From: Marti Runnels [mailto:runnels@wbu.edu] 
Sent: Wednesday, October 17, 2018 2:53 PM
Subject: FW:[ATTENTION REQUIRED] George Mason University Revised Business Development, Implementation, and Review of Guidelines and Goals

 

 

 

LETTER FROM  THE PRESIDENT Dr Ángel Cabrera

 

Dear Colleagues:
 
I will like to remind each and every one of you that this organization holds itself to the highest ethical standards. To that end we are pleased to announce our updated Business Integrity Program. Adherence to the Program standards not only achieves compliance with applicable laws and regulations, but affords us tangible business benefits.  These standards also avoids liability for our company and all of us and also protects our reputation, but that is only the first of several benefits.
 
We must not take these benefits for granted as corporate scandals in recent years at Enron, Tyco, and other companies –including some companies in the pharmaceutical and biotechnology industries – have eroded the confidence of employees, customers, shareholders, and others.
 
Each of us must regularly affirm our commitment to integrity by acknowledging our agreement to the standards outlined in the Business Integrity Program. Please recognize the compliance responsibility this organization places in each and every one of us, as it will be taken seriously and any failure to act in accordance with the principles outlined herein.
 
The Business Integrity program is attached in this email and can also be accessed HERE, It is important that all staff go through it thoroughly and adhere to these standards so you will be helping to assure the future success of this organization.
 
Sincerely,
 
 
George Mason University
President
Dr Ángel Cabrera
 
 
4400 University Drive
Fairfax Virginia 22030 
 
BE AWARE: Messages of this type are malicious phishing* attacks. Do not respond. If you have responded contact the ITS Support Center at 703-993-8870 or via email at support@gmu.edu. 
 
*Phishing is a term used by hackers who imitate legitimate companies and organizations in emails to entice users to share passwords, Social Security numbers, credit card or bank account numbers. 
 
The Federal Trade Commission warns that victims of phishing can become victims of identity theft and offers tips on how to avoid it at www.ftc.gov/bcp/edu/microsites/idtheft/index.html. 

10/17/18: Circulation of a New Phishing Email October 17, 2018 10:09 AM

A new phishing email is circulating the George Mason University community. This is a copy of the latest phishing email. If you get this message, DO NOT reply, DO NOT click any links, DO NOT open any attachments and DO NOT provide any personal information. Delete the bogus email. We never ask for this information via email. The Email Group is working on the list of who received the email and is closing the accounts of those who responded to it.

THE PHISHING EMAIL LOOKS LIKE THIS:

From: Melissa Sloan [mailto:MSloan@germanna.edu] 
Sent: Monday, October 15, 2018 3:01 PM
Subject: Germanna Community Collage Incoming Wire 
 
 
Please see attached for our Cash Position and  wire transfer for today.
 
elissa Sloan
Accounts Payable Specialist
Germanna Community College
2130 Germanna Highway
Locust Grove, VA 22508
(540)423-9036 Phone
(540)727-3207 Fax
 
BE AWARE: Messages of this type are malicious phishing* attacks. Do not respond. If you have responded contact the ITS Support Center at 703-993-8870 or via email at support@gmu.edu. 

*Phishing is a term used by hackers who imitate legitimate companies and organizations in emails to entice users to share passwords, Social Security numbers, credit card or bank account numbers. 

The Federal Trade Commission warns that victims of phishing can become victims of identity theft and offers tips on how to avoid it at www.ftc.gov/bcp/edu/microsites/idtheft/index.html. 

Fradulent Calls: Chinese Embassy October 10, 2018 9:32 AM

Information Technology Services (ITS) is aware that some members of the Mason community have received telephone calls that claim to be from the Chinese Embassy or Consulate asking for money or credit card information. Mason community members should disregard these calls as they have been verified to be fraudulent.

The callers are scammers who say you have a package to pick up at the Chinese Consulate or Embassy and that you must give them money so you won't get in trouble. Recipients of these calls are asked for bank/credit card information or asked to make a bank transfer. The money goes to the scammers.

If you receive a call like this, you should hang up. If you receive a message, you should delete it. The Chinese Consulate or Embassy will not call you to ask for money.

Remember: Never give out your bank or credit card information or other sensitive information — including your Social Security number — to anyone who calls and asks for it. Also, if someone emails you or sends you a social media message asking for that information, do not respond.

If you have any questions, please contact the ITS Support Center at 703-993-8870 or support@gmu.edu.


General

Operating Systems

Applications