Members of the Fordham University community have received scam messages claiming their accounts have been compromised and that the sender has blackmail material on the recipient. These are fraudulent messages and can be safely deleted.
How to recognize this scam:
- The sender falsely claims that they have accessed the recipient’s account and threatens to release private information.
- The message may include an old password lifted from a breach unrelated to Fordham University.
- The scammer may use a fake email address similar or identical to the recipient address to further convey credibility.
- The message demands payment in Bitcoin.
What should you do if you received this message?
- Do not respond to the message.
- If the sender mentions a password that is still in use, change it immediately.
- Report the message using Cofense Reporter (the fish icon on the sidebar in Gmail).
- If you don’t have Cofense, you can forward the message to firstname.lastname@example.org.
- Delete the message.
It is important to note that none of these accounts have actually been compromised by the scammers and none of them have actually carried out their threats. As a general rule, any email that is impersonal, urgent, and unexpected should be ignored.
Potential phishing and malicious emails can be reported with one click from your Fordham Gmail safely and in real-time with the Cofense Reporter Gmail add-on. You can read more about the Cofense Reporter here: itsecurity.blog.fordham.edu/2018/10/04/introducing-cofense-reporter/