This morning, we were made aware that malicious actors have made a uniquely frustrating attempt to fraud Crowder employees using personal cell phone numbers and SMS text messages.
Al and Daniel truly appreciate everyone alerting us to phishing attempts and other malicious concerns. It really helps make a difference in protecting our people and Crowder.
The attacker begins with a text message to an employee’s personal cell phone and ends with “Thanks,” and the name of a supervisor. By naming you and a supervisor, making the request urgent, and claiming to be limited in communication options, the malicious actor is using several classic social engineering techniques. Social engineering is a malicious attempt to manipulate you.
Screenshot of initial text:
While not responding would indicate to the malicious actor that this phone number is no longer active or no longer belongs to their target, we understand that we all want to respond to colleagues' calls for assistance.
After the initial response, it becomes apparent that this is a malicious actor with a classic scam request.
Screenshot of follow up text:
If the individual had done as instructed, the money would be gone.
While these message;s did not contain any links, please avoid clicking on any unverified links sent to you.
If you receive a text or call from a number you do not recognize, always proceed with extreme caution and attempt to verify elsewhere (mutual friends, company website or directory) if the number belongs to the individual or organization claimed. In the event you receive a text or voicemail from someone claiming to be from Crowder, but are unable to verify this, please contact HelpDesk at www.crowder.edu/ticket, Help@crowder.edu, or 417-455-5712.
Thank you again to those who communicated to us and helped us get a head start on this,