SECURITY ALERT: Phishing scam pretends to be University code of conduct from the President's Office.

SECURITY ALERT: Phishing scam pretends to be University code of conduct from the President's Office.

Published

[NOTE: We are resending this security alert due to reports of yet another wave of scam email following the same pattern.  The difference between the previous messages and the current wave of messages is primarily the sender address.  The more recent fraud appears to originate from either a Daniel M. Schmidlin (with a CentralMethodist.edu domain address) or from a David Cowburn (with an Einstein.yu.edu domain address. The name of the attached PDF file is also somewhat more detailed than in previous instances of this scam.]

CSIT has received numerous reports within the past hour of a new phishing scam targeting NWU mailboxes. The volume of reports indicates that this is an extremely wide spread attack and that it has been structured to evade our email filters.

The scam is a message which purports to have been sent on behave of Dr. Ohles (NWU President) and includes an attached PDF file with the name “Nebraska Wesleyan University Code of Conduct.PDF”.  The message claims that the attached PDF is mandatory reading for all full or part-time employees regarding guidelines for behavior.  The PDF file, if opened, contains what is claimed to be a link to a secure document.  If followed the link will attempt to access a malicious web site. The message appears to be sent from a non-NWU account with the name Perri Franskoviak and an email address in the domain “hnu.edu”.

If you have received this message, please delete it from your mailbox.  Do not attempt to open the PDF attachment or, if you have, do not attempt to follow any links which the document might present.  The message is a fraud, intended to entice those receiving it into surrendering confidential information.