Many students, faculty and staff received an email last week from someone claiming to be a student staff member offering personal assistant job opportunities.
This solicitation was deemed fraudulent and ITS took the following action immediately by securing the compromised email account and deleting all “personal assistant position” scam emails.
ITS has since set up several mechanisms to report on further fraudulent solicitations and has been resetting passwords and logging out sessions as they become notified of other victims of the scam. MUPD has also been notified about the incidents and has filed a report about the scam(s).
To avoid becoming the victim of a scam, remember to:
- Practice good password hygiene.
- Choose long passwords that are easy to remember, rather than short complex passwords.
- For example “Football season is the best time of year!” is far stronger than “F0otB@lL” due to the length.
- Do not reuse passwords.
- Your Marquette password should not be used for other sites. For example, the LinkedIn data breach resulted in millions of compromised accounts because people used the same password at LinkedIn, Gmail, Facebook, for their work email, etc.
- When available, use multifactor authentication.
- Multifactor authentication will be coming soon for all employees.
- Never cash a check for or give any money to someone you do not know, nor provide someone you do not know with personal financial information.
- Make sure the contact information of the person with whom you are in contact matches the contact information of the organization with which they claim to represent.
- Take caution when responding to email messages, especially if:
- It comes from someone you do not know and have not met before.
- They request communication only via email.
- They request you do not reply with your Marquette email address.