Instagram Phishing Lures You In With Fake Copyright Violation

A new Instagram phishing campaign is threatening users with account suspension because of a “copyright infringement”. A poorly worded email informs you that content in your account “will violate our copyright laws”. Users are asked to fill out a fake “Copyright Objection Form” within 24 hours. The form requires they enter their Instagram username and password, which are then captured and sent to the attackers. Don’t fall for this trick! Without following any links in the message, go to your account settings in Instagram and check there for a notice. More details on this phishing attack, including pictures of the messages, and what to do if you have already fallen for the ruse, are available at Bleeping Computer, at this address: https://www.bleepingcomputer.com/news/security/instagram-phishing-attack-baits-with-copyright-infringement-note/

Be careful out there on social media!

Emails claiming your Office 365 account is about to be deleted are fraudulent

Emails claiming “your Office 365 account is about to be deleted” are fraudulent. They immediately ask you to pay your invoice and of course, the college provides these accounts to you out of the college budget. You are not expected to pay for these accounts. The email looks official and even the sending address looks legitimate, but the links do not go to Microsoft.

Please report these emails using the “Report Email as Phishing” button.

If you have received one of these emails and clicked on any of the links, please contact computing@berry.edu.

Service Update Messages from “office-365” are fake

Messages claiming your “office-365” email is “out of date” and asking you to click on a link to confirm it and prevent deactivation are fake. They will address you in the greeting with your email username and be signed “Microsoft Support”. The email suggests you complete this action within 12 hours. See the screenshot below.

Please report these emails using the “Report Email as Phishing” button.

“Urgent Action Required” Emails are Fraudulent

Many users are receiving emails with the subject of “Urgent Action Required”. These emails are fraudulent. The content of the email suggests there is a problem with their account and incoming emails will be “placed on hold”. Various methods are used to convince the user the email is valid. A green banner in the body of the email says “From Microsoft Office365” and in a large font before the main text it says “Berry Account Service”, which is never a term used by OIT. Oddly, the email address is partially obscured with asterisks, but the first two letters are left exposed.

Some emails are poorly crafted, as the button which says “Review Your Recent Activity” which should be a link, is not, but the “Berry Account Service” and the partially obscured email are.

Please report these emails using the “Report Email as Phishing” button.

Urgent (job) opportunities are fraudulent

A large number of emails have been received by faculty, staff and students announcing an urgent (job) opportunity. The full text of the email is below, minus the web link that either is serving malware to visitors, or is simply a scam funnel that will attempt to harvest information and credentials from victims. These emails could come from users within the Berry email system.

**************************Begin email text*********************************

Hello,

This Job is currently recruiting. A Job that will not affect your present employment or studies, fun and rewarding.  You get to make up to $300 weekly, I tried it and i made cool cash, If You are interested you can visit their website at https://www.timecodeoutsourcing.com to apply and read more about the job.

Best Regards.

Job Placement & Student Services
Berry College
2277 Martha Berry Hwy NW
Mount Berry, GA 30149

*****************************End email text*******************************

Please report these emails using the “Report Email as Phishing” button.

Job “opportunities” from Kimble Group

Emails purporting to inform the recipient of available jobs related to their field or interests from a company called “Kimble Group” appear to be suspect. The emails are generally poorly worded, include incorrect grammar, incorrect personal information (wrong names), and may be completely unrelated to job interests or fields.

While the exact purpose of the emails is unknown, it is possible that this company is either illegally or unethically promoting open positions, or it could just be an attempt to steal user credentials or install malware on the computer of any user that clicks on the link.

Please report these emails using the “Report Email as Phishing” button.

Fake “undelivered email” notification

A common phishing email that is seen here at Berry and elsewhere is a notification that the recipient has a random number of undelivered emails, usually since a certain date. Sometimes the emails are described as unique in some way, for example “clustered”. Clicking on the link will take the user to a fake Office365 login page where, if they enter their username and password, it is captured. Sometimes the fake site will redirect the user to their real login page, as if they had entered the wrong credentials.

Don’t fall for these emails, there is no self-service function to release “undelivered” emails.

Please report all emails like this using the “Report Email As Phishing” button