This article was originally posted on the ITS Security Blog at it-security.usc.edu/2019/09/17/phishing-warning-september-16th-2019-you-have-1-important-pending-message.
USC users have reported receiving suspicious emails regarding job opportunities similar to the one below. If your receive such an e-mail, do not reply and report it to firstname.lastname@example.org.
Sample of e-mail:
From: USC <email@example.com>
Date: Monday, September 16, 2019 at 5:16 PM
To: Recipient <firstname.lastname@example.org>
Subject: Yου have 1 Impοrtant pending message
As phishing campaigns become increasingly sophisticated and harder to detect, we urge you to use extreme caution when clicking links in messages or attachments you receive from unknown senders. While antivirus programs may automatically scan messages for embedded malware, they do not automatically scan for malicious links in attachments.
OCISO encourages you to consider the following tips when handling suspicious email:
- If you are unable to see (remember to hover over the link to see the actual destination) or do not recognize a link’s destination URL, do not click the link.
- Never provide personal information, such as your passwords, social security number, or bank information, on a website you access by following a link in an unsolicited email or attachment.
- If you must open an email attachment, first scan it using your antivirus software. To scan an attachment on a PC or Mac running USC’s free Sophos Antivirus, save the attachment to your desktop, right-click the file, and choose Scan with Sophos Antivirus. You may download the latest Sophos anti-virus at https://software.usc.edu/antivirus/
We would be more than glad to answer any additional questions or concerns at email@example.com.