Kansas State University

search

IT News

Impersonation phishing scam hits campus

The cybersecurity landscape is constantly evolving, making it vital to stay ahead of the curve in safeguarding digital assets. A recent phishing scam at K-State involved what is known as CEO Fraud. CEO Fraud preys on the trust and authority associated with executive positions to deceive employees into carrying out fraudulent activity. 

In this example, the scammer sent a K-State employee an email impersonating a department head, asking the staff member to download a file about a pay adjustment. Instead of clicking the link in the email, the alert employee checked with the department head to see if they had sent the email. The supervisor hadn’t sent the email. This was a scam. 

Remember: Don’t open email links or unexpected or unusual attachments, attachments from strangers or strange-looking emails. 

Any email attachment or link can carry software designed to damage or exploit your device or network. The malware will launch once you open the attachment or click the link. Vigilance and skepticism are our best defenses against impersonation scams. 

Tips to prevent becoming a victim of phishing scams: 

  • Don’t reply to a suspicious, unexpected or strange email. 
  • Be wary of emails with urgent requests for your personal or financial information or your sign-in credentials. 
  • Don’t open unexpected or unusual attachments, attachments from strangers or strange-looking emails. 
  • Don’t click links in unexpected emails, emails you suspect are fraudulent or if you don’t know the sender. 
  • Don’t click Sign In links. Go to the business website and sign in there or contact their customer service for help. 
  • Avoid filling out forms in email messages that ask for financial information. Only share credit card information via a secure website or telephone. 

If you receive a suspicious email, forward it to abuse@ksu.edu and be sure to include the email headers in your message. 

Share this post: