Content (10)
The Cornell University community is encouraged to be on high alert for suspicious emails, calls, and in-person contacts purporting to be a vendor working on the widespread Windows outage related to a CrowdStrike bug.
Be aware that bad actors are currently taking advantage of the widespread outage…
“Whaling” is a sophisticated form of phishing that targets an organization's top leaders. It uses clever social engineering and generative artificial intelligence to look like it’s from people you know and trust -- the president, provost, vice provosts, vice presidents, or deans.Cornell's leaders…
Watch out for fake job offers. Scammers are contacting Cornell students, pretending to be professors offering part-time research and administrative jobs. Students who apply end up losing their own money through fraudulent banking transactions.
Be suspicious if a listing:
Asks for your bank…
Spoofing is when the "from" address is forged by the sender so the message appears to come from someone else. Practice extra caution:
Confirm the SourceVerify that the message is coming from the person's real email address. In email readers and devices that do not display the actual address, hover over the Sender’s name to reveal what follows the @ symbol. Scammers frequently attach a real person's name to a fraudulent email…
It is easy to fake what appears in the From or Reply-to line of an email message. Check the message headers to discover the message's real origin. Message headers are the material that comes before the body of a message.Quick CheckSometimes information in the headers contradicts the From line. For…
Unfortunately, malicious attempts to exploit high-profile events, anniversaries of significant events, emergencies, tragedies, and even major political events, are not uncommon:
Any activity that is illegal under local, state, or federal laws is a violation of Cornell policy. Alleged violations will be referred to the campus Judicial Administrator. In addition, offenders may be investigated and/or prosecuted by the appropriate local, state or federal authorities. For more…
Beware of unexpected Duo (Two-Step Login) prompts. Ignore them unless you’re sure you requested them. If you are unexpectedly prompted to use Duo in a way you normally don’t, ignore it and contact the IT Security Office. For example, if you usually use your smartphone’s Duo app, but…
Scammers are following the headlines and taking advantage of fears surrounding the novel coronavirus (COVID-19). Stay informed and alert to avoid these and other targeted scams.