Phishing

Phishing Scam Information

IMPORTANT SCAM WARNING: 

Do NOT allow anyone to have remote access to your devices or to install any apps, unless it is from the Computing Help Desk at Wellesley College.  The Help Desk will use Zoom with a live video feed to do the remote access. See the Recent Scams below to learn about why this is so important!

 

Phishing is the common name for email scams that try to trick you into giving up your login information or get you to send them money by offering jobs, asking for help buying gift cards, saying your account will be terminated or needs to be updated, or that you will lose data if you don't log in to their website.

    • Recent scams
      • PayPal payment request scam - December 2022 - NEW
      • Research Assistant Jobs - Fall 2022
      • Geek Squad / Best Buy renewals - Fall 2022
      • Faculty & Staff Gift Card scam - Fall 2022
         
    • Tips to identify scams
      • They will instill fear in you that you must do something RIGHT NOW and that it is URGENT.  No legitimate company or service will be this aggressive with you.  Hang up the phone, find your institution's real phone number, and call them directly.
      • They will ask you to install remote access software or other software, and give them codes or login information so they can remote access your computer.  These are all 100% scams all the time.  No legitimate place will do this.
      • They text or email you a check and ask you to cash it.  Again, no legitimate place or person will ever do this.  This is always 100% a scam.
      • Be aware of offers that are too good to be true, or urgent requests.
      • Check the From details of the email to make sure it comes from @wellesley.edu.
      • Don't click on links in emails, go to the Wellesley website directly.
         
    • Reporting a scam
      • Report it to the Computing Help Desk so we can notify the community.
      • Report it to Google so they can update their detection rules.
        • Click on the three dots to the right of the email and select Report Spam or Report Phishing.
           
      • Report it to Campus Police if you transferred any money.
        • Call the 781-283-2121 non-emergency number.
           
    • Additional information
      • Information scammers try to get from you
      • How to protect your accounts and information

    Recent scams

    December 2022 - PayPal Requested Funds scam

    Scammers have been using PayPal's "Request Money" feature to send emails requesting $300-$500 for payment of a software subscription, and include a phone number to call for help, which goes to the scammer, not to PayPal.  This scam uses the legitimate Request Money process in PayPal, so the email bypasses all spam filters.  

    If you do call the number in the email, they will instill fear that you were hacked and that they need to scan your computer right now to make sure everything is ok.  They will ask you to install remote access programs such as TeamViewer, AnyDesk, GoToMeeting, or LogMeIn. Then once they have remote access they will run a script to try and drain your linked bank accounts through PayPal transfers. PayPal will then refuse to refund the money because these transactions happened on your computer.

    If you get an email from PayPal requesting funds and you did not expect it or it is for something you didn't purchase or you just aren't sure about it, you can forward it to the Computing Help Desk at helpdesk@wellesley.edu, and/or report it to PayPal by forwarding it to phishing@paypal.com

    Fall 2022 - Research Assistant Needed

    Scammers have been sending many versions of this email scam recently.  They usually ask for your mobile number, or ask you to text a mobile number, and then continue the scam outside of email. The only legitimate Wellesley College related jobs will be posted on Workday.  DO NOT respond to any personal emailed job offers unless you know who is sending the offer.
     

    • Name: impersonated professors, employees, departments, or fake alumnae
    • Email addresses: Currently the scammers are all using @gmail.com accounts.
    • Subject: Student Research / Job Offer / Part-Time Help / no subject at all
    • Content:  The job offered is some kind of personal assistant or other job you can do from home, remotely, or from your dorm.  They will offer about $200-$500 a week, and claim you need to buy supplies but they will give you the money for it. Sometimes this is included in the email, sometimes it's after you continue the conversation with them via text.
       
    • How the scam works:  The scammer will text you to bypass any email filters or blocks that we put in place, and give some details about the fake job, and send an image of a fake check. They will urgently ask you to deposit the check into your bank account and ask you to send money to someone else to pay for your work supplies. The money you send will be immediately processed and removed from your account, and eventually your bank will discover the first check was fake, and you will be out both the money from the scammer's check and the money you sent to the supplier.

    Fall 2022 - Geek Squad / Best Buy / Antivirus subscription renewals

    This scam usually comes as an image in an email, saying that your subscription will be renewed today for $200-$500 and if you don't want this renewal or you want to block it, you should call a phone number listed in the email. It is a scam to get your bank account info so they can send charges and transfer funds. WARNING: Bank transfers usually cannot be refunded or credited or returned like credit card charges can be.  Once the money is transferred, it's gone. So be wary of ANY requests for bank account info!
     

    • Name: Usually some name that looks official or directly includes Geek Squad.
    • Email addresses: Often the scammer uses @gmail.com addresses.
    • Subject: Your Update for Geeksquad (or something similar) with an order number.
    • Content: An image of what looks like an invoice and Geek Squad or antivirus logo, with a contact number to call.  No text at all in the email message.
       
    • How the scam works:  They get you to call them, then they either try to do some remote access to show you the antivirus program or that your computer is infected with malware (it's not, they just go through technical jargon to confuse you), and then either claim they can reverse the charge or offer a discount, but they insist on bank account information and won't take credit card info.

    Fall 2022 - Staff Impersonator scam

    We are still seeing these scams this fall.  The scammer sends an email using the name of a supervisor, emailing from a personal Gmail account, and asks if you're available, making it sound urgent, asking for a phone number, and will then ask you to buy gift cards for them.
     

    • Name: various faculty and staff supervisors, directors, and department chairs.
    • Email addresses: The "Name" part of the email will appear to be someone at the College, but the actual email address will be a gmail.com address.
    • Subject: "Are you available?" or something similar, or no subject at all.
    • Content: The content varies, but it usually has some excuse about them being in a meeting or an urgent need for you to contact them via text. 
       
    • How the scam works:  They will then give a story about how they need funds through gift cards, asking you to go to a local store to buy $300-500 in gift cards, and text them pictures of the card number and pin, and then they will say you can be reimbursed for the cost.
       

    Nobody at the College would ever ask you to buy gift cards for any urgent reason with this kind of situation.  If you aren't sure, make sure you get a voice call or in person visit with the person to confirm they are the right person and that it is a valid request.


    Tips to identify scams

    Phishing scam emails typically have a few things wrong with them:

    • The email promises a job that's too good to be true.
      • Pay or benefits are well beyond similar jobs.
      • The job asks you to send money to someone else before starting any work.
      • The job came unsolicited from someone you didn't know or expect.
         
    • The From email details are not from a Wellesley email address.
      • Scammers are using the names of current people at Wellesley, even copying their email signatures.
      • When viewing an email, tap or click on the triangle or down arrow next to the To section of the email to see the details. 
      • Make sure the From address is from an @wellesley.edu address.
         
    • The email is a scary warning about your account, such as it will be deleted, cancelled, or terminated.
      • Your account will only be disabled if your status at the College changes.
      • We will NEVER ask you to login to a website to fix your account.
      • If you're concerned, email helpdesk@wellesley.edu or call 781-283-3333 before taking any action.
         
    • The link in the email goes to a website that isn't on wellesley.edu or google.com, and the website doesn't have a secure lock icon.
      • If you are ever concerned about an email, DO NOT click or tap on any links in the email.
      • Go to the Wellesley home page directly - www.wellesley.edu, then click on My Wellesley, login, and look for a link in the portal.
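
    For help desk or mail administrators, the From-address and link checks above can be automated. The following is an added example, not code from Wellesley College: it flags a sender whose display name matches a known staff name while the address is outside wellesley.edu, and it matches link hosts on a dot boundary so that look-alike hosts are rejected. The roster, sample headers, and function names are assumptions constructed for illustration.

```python
from email.utils import parseaddr
from urllib.parse import urlsplit

# Domains the page tells readers to expect in links.
TRUSTED_DOMAINS = ("wellesley.edu", "google.com")


def on_domain(host, domain):
    """True only for the domain itself or a real subdomain of it.

    A plain endswith("wellesley.edu") would also accept look-alike hosts,
    so the match must fall on a dot boundary.
    """
    host = (host or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)


def sender_findings(from_header, known_names):
    """Return the reasons a From header deserves a closer look."""
    name, addr = parseaddr(from_header)
    domain = addr.rpartition("@")[2]
    findings = []
    if not on_domain(domain, "wellesley.edu"):
        findings.append("sender-not-wellesley")
        # The display name is free text chosen by the sender; a staff
        # name on an outside address is the impersonation pattern.
        if name.strip().lower() in known_names:
            findings.append("display-name-impersonation")
    return findings


def link_is_trusted(url):
    """HTTPS (the lock icon) and a host on one of the trusted domains."""
    parts = urlsplit(url)
    return parts.scheme == "https" and any(
        on_domain(parts.hostname, d) for d in TRUSTED_DOMAINS
    )


if __name__ == "__main__":
    roster = {"jane doe"}  # hypothetical staff roster, constructed
    samples = [            # constructed From headers
        '"Jane Doe" <jane.doe.office@gmail.com>',
        "Jane Doe <jdoe@wellesley.edu>",
    ]
    for header in samples:
        print(header, "->", sender_findings(header, roster))
    print(link_is_trusted("https://wellesley.edu.example.net/login"))
```

    A clean result only means the From header and link host look right; a message from a compromised wellesley.edu account would still pass both checks.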

    Reporting a phishing scam
     

    If you haven't sent any personal info to the scammer, report it to the Computing Help Desk. Forward the email to helpdesk@wellesley.edu, or call 781-283-3333.  Also, if you still have the email, click or tap the three dots to the right of the email and choose either Report Phishing or Report Spam, to send an automated report to Google about the email.

    If you transferred money or funds with the scammer, report it to Campus Police urgently, at 781-283-2121.  They will take a full report and walk you through their process for completing a report of the situation.


    Information scammers try to get from you
     

    Scammers will try to trick you into giving up many different kinds of information.  Be aware of this and only give out this information to people you trust and have had communication with via voice call or in person for confirmation.

    • Your Wellesley Account: You should only log in to Duo SSO, Wellesley SSO, or specific Wellesley websites. If you are asked to login to a system you're not familiar with or the host name doesn't end in wellesley.edu, get confirmation before logging in.
    • Your Duo 2FA information: You should only enter your Duo 2FA information into the Duo popup during the login process on a valid Wellesley website.  If you get a Duo Prompt on your phone, make sure you were expecting it and that it's for the website you're attempting to login to.
    • Accounts where you've used your Wellesley email address:  If you have used your Wellesley email address as the login for external websites, such as Amazon, LinkedIn, Twitter, etc. use a different password for each site and enable any additional login methods if possible, such as two-factor authentication. 
    • Your bank account information:  Never deposit checks sent over text or email into your account.  Always wait the appropriate time your bank says for the check to fully clear before using the funds. 

    Protect your accounts and information

    Here are some tips to help keep your information secure.

    • Don't click on links in emails that ask you for your account information.
      • If you're concerned, open a browser and go to the correct website manually.
         
    • Be cautious about opening attachments or downloading files from emails you receive.
      • If you weren't expecting an attachment or download, ask the person sending it to confirm it's ok.
         
    • Use anti-virus and anti-spyware software and keep them updated.
    • Keep your web browser up to date.
      • Chrome and Firefox are usually quick to flag suspicious websites.
      • Go to Help > About in your browser to check for updates.
    • Monitor your credit card and bank accounts regularly.
      • Visit the FTC website AnnualCreditReport.com to get your free credit report.
      • Some credit cards also provide credit check services.
         
    • Use a different password for every website.
      • Hackers will break into a weak website and try the account info on more secure sites, such as banks.
      • When one website gets hacked, you won't have to worry about all the other websites you used that password on.
      • Use a password manager. The College does not have a subscription to one, but please check these reviews.
         
    • Visit the following websites for additional security tips: