Many individuals on our campus have reported suspicious emails from someone impersonating a Princeton colleague. These messages typically ask a question and look for a reply in an attempt to start a conversation. Once the sender has engaged the recipient in a conversation, they often ask for personal information or ask the recipient to purchase gift cards. Please be on alert, as a small number of individuals on our campus have recently fallen victim to similar social engineering attacks.
Here’s an example of a recent message received at Princeton:
From: [Spoofed Princeton User]
Sent: Monday, January 20, 2020 12:14 PM
Subject: Quick Request
Are you available?
In this example, the initial message was harmless, but subsequent messages asked the recipient to purchase gift cards.
What can you do to stay safe?
Examine incoming messages carefully. If something seems suspicious, check the Phish Bowl (https://princeton.edu/phish-bowl) to see if it’s been reported to OIT. If it has not been reported, forward the message to email@example.com. Please be on alert and follow these tips:
- Look carefully at the sender’s address. They may try to trick you with something that looks like a princeton.edu email address (e.g. “firstname.lastname@example.org”).
- Question unusual requests, such as a claim that the sender is busy and needs your help right away. An example we’ve seen is the sender asking the recipient to purchase gift cards, scratch off the codes, and email the information back to them.
- Think twice before clicking on links or attachments.
- Never give away personal information in an email.
- Look for telltale signs of phishing emails, such as a blank “to” field, suspicious “from” field, odd or generic salutations, and spelling and/or grammar errors.
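For mail administrators who want to automate the header checks in the list above, here is an added example (not part of the original notice or any OIT tooling) that flags a lookalike sender address, a colleague's display name on an outside address, and a blank "to" field. The function name, the `known_names` parameter, and the sample messages are constructed for illustration.

```python
from email import message_from_string
from email.utils import getaddresses, parseaddr

TRUSTED_DOMAIN = "princeton.edu"  # the domain named in the notice

def phishing_signs(raw_message, known_names=()):
    """Return header warning signs found in one raw RFC 5322 message.

    known_names is a hypothetical list of colleague display names that
    should only ever appear with an address in TRUSTED_DOMAIN.
    """
    msg = message_from_string(raw_message)
    signs = []

    display, addr = parseaddr(msg.get("From", ""))
    addr = addr.lower()
    domain = addr.rpartition("@")[2]
    trusted = domain == TRUSTED_DOMAIN or domain.endswith("." + TRUSTED_DOMAIN)

    # Suspicious "from": the address mentions the campus name but the
    # part after the last "@" is not actually the campus domain.
    if not trusted and "princeton" in addr:
        signs.append("lookalike-address")

    # Impersonation: a known colleague's name paired with an outside address.
    if not trusted and display.strip().lower() in {n.lower() for n in known_names}:
        signs.append("display-name-impersonation")

    # Blank "to" field: header missing or containing no address at all.
    recipients = [a for _, a in getaddresses(msg.get_all("To", [])) if a]
    if not recipients:
        signs.append("blank-to")

    return signs

# Constructed sample messages (names and addresses are made up).
SPOOFED = ("From: Jane Doe <jane.doe.princeton.edu@example.org>\n"
           "To:\nSubject: Quick Request\n\nAre you available?\n")
OUTSIDE = ("From: Jane Doe <jd1234@example.com>\n"
           "To: sam.roe@princeton.edu\nSubject: Quick Request\n\nAre you available?\n")
LEGIT = ("From: Jane Doe <jane.doe@princeton.edu>\n"
         "To: sam.roe@princeton.edu\nSubject: Meeting notes\n\nNotes attached.\n")

if __name__ == "__main__":
    for label, raw in (("spoofed", SPOOFED), ("outside", OUTSIDE), ("legit", LEGIT)):
        print(label, phishing_signs(raw, known_names=["Jane Doe"]))
```

These checks read only the visible headers, so a message that passes them can still be fraudulent; treat a hit as a reason to report the message, not a clean result as proof it is safe.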
We all play an important role in keeping our campus safe. Thank you for continuing to be our guardians at the gate!