Criminals continue to send phishing email messages from Gmail and other external email addresses in the names of our faculty and staff. They ask if we’re “available” for a “quick favor” or some other pretense to get us into an email conversation, and eventually ask us to buy some gift cards and send them the codes. They’ll often have some excuse for using their “personal” email address instead of their ithaca.edu address, and why they can’t talk on the phone.
Please be extremely suspicious of ANY request to purchase gift cards. Also, be suspicious of any email you receive from a member of the IC community that does not come from their ithaca.edu email account. External messages include a yellow banner to warn you that the message did not come from IC email. Faculty and staff who actually use Gmail and other external personal accounts for work make it easier for attackers to trick others.
As much as it might be fun, please do not respond to phishing messages just to mess with the attackers. After phishing messages are detected, we’re alerted to responses that were sent and then need to do follow up work to determine who may have actually been tricked. Also, any information you provide to the criminal organizations behind these attacks (how you write, sign your email, or even just the fact that you’re reading email) is useful to them and likely gets saved for use in future attacks against you or others.
More information is available at https://www.ithaca.edu/it/security.
Please reach out to the IT Service Desk with any questions or concerns.
Information Technology Service Desk
ithaca.edu/itchat
servicedesk@ithaca.edu
607-274-1000
https://www.ithaca.edu/intercom/article.php/20201008120414257