MOREnet, the Missouri Research and Education Network, supports colleges, universities, school districts, libraries, and others in the state.
They notified us this morning of an targeted malicious phishing campaign that is being actively seen among there members. Below is the relevant text from the MOREnet alert.
We have been notified by a member that many of our members are actively being targeted by a malicious phishing campaign. This campaign is aimed at staff and appears to come from the building administrator. The spoofed sender begins the message with “Are you available?” If the recipient responds then the attack goes to the next level, requesting the purchase of gift cards. If the victim complies, then they are asked to reveal the gift card activation codes either by picture or text and the scam is complete.
This 2 part scam is currently very active among our members. Please take the time to alert your faculty and staff. Make sure to drive home these points of wariness.
- Look closely at the sender’s email address. The From: should reveal the senders name AND legitimate domain (the portion of the email address after the @ symbol).
- A legitimate request will not ask for payments or purchases of gift cards.
- When in doubt, touch base PERSONALLY with the requester, either contact by phone or in person to verify the request.
- Always check for bad grammar and misspellings.
If you do receive a suspicious email, please use the Phish Alert Button to report it to IT.
If you have already opened an attachment or clicked on a link you now find suspicious, please contact HelpDesk immediately at 417-455-5712. If this occurs outside of normal business hours, email firstname.lastname@example.org and email@example.com immediately to let us know.
Lastly, if you have any questions or concerns, please reach out to HelpDesk at Help@crowder.edu or www.crowder.edu/ticket or come by and visit us in room 217 in McDonald Hall on Neosho's campus.