Below we have listed a number of phishing / spoofed  / scam emails that we have received at Elon.  Please take the time to review these and be aware that the scammers will likely change the content and email subject lines, but the main purpose of the email will remain – to phish your personal and sensitive information. 

<><><><><><><><><><><><><><><><>

ALERT: 2024 Payroll Notification.

This type of email is especially dangerous as it asks the recipient to open an unsolicited PDF document and often comes from a COMPROMISED Elon account. If you receive a message from any @elon.edu account asking for credentials, please delete the email. Do not respond to it, open the attachment or click on any embedded links.

ALERT: Share – Faculty Evaluation – Response Neede ASAP””

Within the body of this email, the text often states that is coming from Dr. Connie Book or it will state that “Dr. Book would like you to review this file.”  Please be aware how faculty evalutions are performed at Elon and DO NOT respond to these email with your credentials or any personal information.  Unfortunately, these messages often come from a COMPROMISED Elon account.

ALERT: [EXT] IT ADMIN shared “Elon University__20242005.pdf With You

If you recive this type of message please delete the email. Do not respond to it, and do not open the attachment or click on any embedded links. If you think the message may be valid, please forward the message to infosec@elon.edu and let us review it before you take any other action.

Alert: Beware of Fake Job Offers or Research Opportunities

These types of email messages include a variety of subject lines and general appear around the beginning of the academic year. Students are targeted by phishing emails that include fake job offers, personal assistant offers, retail jobs, and research opportunities and may appear to be from legitimate businesses. Often these messages ask students for personal information.

In addition, entities posing as Elon faculty may offer work programs in exchange for a “check” or “gift card”. These are common scams that seek to extort money from victims. Elon University has a strict process for student employment of any kind. Please check with Human Resources before responding to any job offer and NEVER provide any personal information in email.

ALERT: EMAIL CONFIRMATION REQUIRED

Elon is experiencing a phishing attack very similar to the alert that was posted about one week ago – except this one is coming from a compromised Elon account.  The phishing email is being distributed across campus.  If you receive a message with the subject line of: “Email confirmation.” from any Elon email account, please delete the email. Do not respond to it and do not scan the QR code or click on the embedded links.

ALERT:  Access Denied / Account Suspension

This is a phishing email that threatens loss of an account or account access if a “revalidation” or “reset” action is not performed.  The sender is an external (non-Elon) sender. Since phishing messages often try to create a sense of urgency around an imminent event, these types of phishing emails are often successful.

Often the link will send the victim to a malicious site that will ask for sensitive information, likely username and password, or some other personal information (address, phone number, banking information, etc.). The may use a QR Code which makes inspecting the link particularly difficult for the victim.  Always be cautious about accessing QR Codes from your phone or other devices as you may not know where the links will go.

ALERT: IT University Email Out-of-Date

This is a phishing email that often appear to come from a support individual at Elon. The email claims the recipients account settings are out-of-date and must be updated. Recipients are directed to a malicious link login with their Elon username and password. NEVER supply your crentials and immediately delete these types of emails.  If you have already submitted the form, immediately reset your Elon Account password and alert the Technology Service Desk at (336) 278-5200.

Phishing messages often try to prompt user action through a false sense of urgency involving account maintenance or mailbox deletion.  Recent phishing attempts have introduced a prompt to accept MFA call notifications as well.  Elon strongly encourages the use of Duo push notifications to registered Duo devices over call prompts.

ALERT: XXXXXX Wants to Share a File With You

Online scammers are now using cloud services like Office 365 to steal user credentials. File sharing among colleagues and others within these services has become a common practice, and cybercriminals know this.  Before responding to any file share reuqest, VERBALLY confirm the request with the sender.  Often these types of messages come from COMPROMISED Elon accounts.