April 22, 2020: The FBI has release a public service announcement, Online Extortion Scams Increasing During The Covid-19 Crisis, through the Internet Crime Center.
NIU students and employees, if you feel you have been a victim please contact NIU Police at 815-753-1212.
April 8, 2020: Please review current guidance from the US Department of Homeland Security.
Due to the global COVID-19 pandemic, the number and manner of scams is increasing sharply. If you have any concern about a potential incident or worry you might have fallen victim to a phishing attempt, please contact our Information Security team by sending an email describing the incident to firstname.lastname@example.org and refer to email phishing. The current scams will be updated in our IT Service Portal under "Phishing/Security Events". You will need to login before you can review it.
Bad actors are pretending to be:
None of those resources will make an unsolicited call to you.
They will ask for your account, or personal information, or ask you to verify a PIN, or ask you to go to a website for assistance.
Do not do it, and do not give any information to the caller.
Hang-up, and if necessary contact the appropriate resource through normal channels.
Malicious emails about COVID-19 containing malware are also on the rise. These emails are spoofing health related organizations and claim to offer cures, vaccines, tests or other opportunities related to COVID-19. If you receive such emails, Please do not reply to the email or click any link or open any attachment, and just send the email itself as an attachment to email@example.com.
These emails will falsely claim to be:
An astonishing number of new websites using the COVID name have popped up. These are not reputable websites at best, and at worst deliver malware to your computer right through your browser.
Please beware of all sorts of new COVID mobile apps. A new Android app at a website called “coronavirusapp” is a ransomware locker.
Some other coronavirus apps have been identified as info stealers
Please only use reputable mobile apps.
If you responded to a request for a password and/or provided account information to someone inadvertently:
October, 19, 2020
If you receive an unexpected email such as described above:
For more information please review: https://www.bleepingcomputer.com/news/security/watch-out-for-emotet-malwares-new-windows-update-attachment/
August 24, 2020:
NIU’s Division of Information Technology will never ask you for your password
The Phishing Scam Artist
What’s in their ‘bag of phishing tricks’?
How do I protect myself?
Be critical of the email and assess who it’s from and the reason behind it. Is the email asking for your credentials? Are they trying to get you to open an attachment? Click on a link? Sometimes it is smart to call the organization or check the organization’s website to verify if they are sending emails of this nature out to their users/customers.
Oh NO! I just answered that phishing email; what do I do now?
If you receive a phishing e-mail, forward it as an attachment to firstname.lastname@example.org.