Columbus State University Print Logo

Office of Information Security

Office of Information Security

Security Alerts

If you see spam/phishing in your inbox:

  • Select the message you'd like to report.

  • Click the spam button dot Report spam icon in the toolbar above your message list.

  • (If you have the message open, you can also report it as spam by using the same button.)

To know more about how a spam email looks, how to identify and prevent them please refer to our spam email page.

spam alert

We have learned there may be a "Spear Phishing" email campaign targeting post-secondary institutions and high schools in Georgia. As indicated below, the emails in question appear to be coming from Trex@gsfc.org but the FROM line includes a different email address (1), the SUBJECT line references some sort of invoicing (2), and the BODY of the email contains an embedded URL to a non-GSFC website (3).

If this email is received please delete it immediately.

Spear_Phising Email

 

The following spam email appearing to come from a Ricoh-usa billing specialist has been observed in MyCSU emails. Please delete immediately when you receive it.

spam email alert

alert

IMPORTANT NOTICE from ITS:  As a reminder, the IRS does not routinely send email to taxpayers. Please check your postal mail if you expect communication from the IRS. If emails appear to be from USG Human Resources or other organizations from which financial information is expected, please verify the message is legitimate prior to clicking any links.

From: USG Human Resources

Sent: Monday, January 16, 2017 03:00

Subject: Your W2

Dear Employee,

Your W2 is now prepared and available from the self-service portal. Please click the link below to access your W2.

Please click here to Logon.

Sincerely,

USG Human Resources

-------------------------

As a reminder, the IRS does not routinely send email to taxpayers. Please check your postal mail if you expect communication from the IRS. If emails appear to be from USG Human Resources or other organizations from which financial information is expected, please verify the message is legitimate prior to clicking any links.

 Alert

CSU Office of Information Security has alerted USG Shared Service Center see response:

Thank you for reporting this incident. I do believe this to be a Fraudulent email. I have reported this to ADP's Trust Center at abuse@adp.com.

ADP's Trust Center had the following statement concerning the emails:

"There have been reports regarding fraudulent emails that appear to be sent from ADP which may have various subject lines including "Your ADP account will be suspended soon." These emails include a link or a file attachment and instruct the recipient to open it. The link leads to a phishing page entitled "ADP Account Update" which asks the recipient to enter their User ID, password, Email ID and email password. Once the above details have been submitted, the user is redirected to the ADP website to make him/her believe that their information is not submitted to spammers."

The following spam email has been observed in MyCSU emails. Do not try to open the email and delete immediately when you observe it.

adp

Alert

IMPORTANT NOTICE from ITS: one of our institutions was hit with a ransomware phishing campaign this morning which landed in about 7,000 inboxes. The attack profile consisted of a phishing message (in this instance) that used a forged "from" field and appeared to come from an institutional copier/printer. It appeared to come from copier@*.*.edu (e.g. copier@oit.usg.edu).

It was sent to most/all of the attacked institution's email subdomains. The message carried a .docm attachment. The attachment is the ransomware payload which in this instance installed a remote access trojan. This is an active attack. Communications efforts with other universities through REN-ISAC about this have taken place, and there are other confirmed instances of this throughout the country.

alert
From: Alejandra Bullock <abuse@columbusstate.edu>
Date: Fri, Mar 25, 2016 at 6:28 AM
Subject: FW: Invoice Copy
To: abuse <abuse@columbusstate.edu>

Dear abuse,

Please review the attached copy of your Invoice (number: IN725874) for an amount of $7073.87.

Thank you for your business.
Alejandra Bullock
Vice President of Operations
alert
The following spam email has been observed in MyCSU emails. Do not try to open the email and delete immediately when you observe it.

Help Desk Requires you to upgrade webmail by Clicking http://updateurmail.livecity.me/
This Message is From Helpdesk.Due to our latest IP Security upgrades we have reason to believe that your webmail account was accessed by a third party.Protecting the security of your webmail account is our primary concern, we have limited access to sensitive webmail account features.Failure to revalidate,your e-mail will be blocked in 24 hours.Thank you for your cooperation.