Columbus State University

Page Content

Security News and Alerts

Office of Information Security

Security Alerts

If you see spam/phishing in your inbox:

  • Select the message you'd like to report.

  • Click the spam button  Report spam icon in the toolbar above your message list.

  • (If you have the message open, you can also report it as spam by using the same button.)

To know more about how a spam email looks, how to identify and prevent them please refer to our spam email page.

The following spam email appearing to come from a Ricoh-usa billing specialist has been observed in MyCSU emails. Please delete immediately when you receive it.

IMPORTANT NOTICE from ITS:  As a reminder, the IRS does not routinely send email to taxpayers. Please check your postal mail if you expect communication from the IRS. If emails appear to be from USG Human Resources or other organizations from which financial information is expected, please verify the message is legitimate prior to clicking any links.

From: USG Human Resources

Sent: Monday, January 16, 2017 03:00

Subject: Your W2

Dear Employee,

Your W2 is now prepared and available from the self-service portal. Please click the link below to access your W2.

Please click here to Logon.

Sincerely,

USG Human Resources

-------------------------

As a reminder, the IRS does not routinely send email to taxpayers. Please check your postal mail if you expect communication from the IRS. If emails appear to be from USG Human Resources or other organizations from which financial information is expected, please verify the message is legitimate prior to clicking any links.

CSU Office of Information Security has alerted USG Shared Service Center see response:

Thank you for reporting this incident. I do believe this to be a Fraudulent email. I have reported this to ADP's Trust Center at abuse@adp.com.

ADP's Trust Center had the following statement concerning the emails:

"There have been reports regarding fraudulent emails that appear to be sent from ADP which may have various subject lines including "Your ADP account will be suspended soon." These emails include a link or a file attachment and instruct the recipient to open it. The link leads to a phishing page entitled "ADP Account Update" which asks the recipient to enter their User ID, password, Email ID and email password. Once the above details have been submitted, the user is redirected to the ADP website to make him/her believe that their information is not submitted to spammers."

The following spam email has been observed in Cougarnet emails. Do not try to open the email and delete immediately when you observe it.

IMPORTANT NOTICE from ITS: one of our institutions was hit with a ransomware phishing campaign this morning which landed in about 7,000 inboxes. The attack profile consisted of a phishing message (in this instance) that used a forged "from" field and appeared to come from an institutional copier/printer. It appeared to come from copier@*.*.edu (e.g. copier@oit.usg.edu).

It was sent to most/all of the attacked institution's email subdomains. The message carried a .docm attachment. The attachment is the ransomware payload which in this instance installed a remote access trojan. This is an active attack. Communications efforts with other universities through REN-ISAC about this have taken place, and there are other confirmed instances of this throughout the country.

From: Alejandra Bullock <abuse@columbusstate.edu>
Date: Fri, Mar 25, 2016 at 6:28 AM
Subject: FW: Invoice Copy
To: abuse <abuse@columbusstate.edu>

Dear abuse,

Please review the attached copy of your Invoice (number: IN725874) for an amount of $7073.87.

Thank you for your business.
Alejandra Bullock
Vice President of Operations

The following spam email has been observed in Cougarnet emails. Do not try to open the email and delete immediately when you observe it.

Help Desk Requires you to upgrade webmail by Clicking http://updateurmail.livecity.me/
This Message is From Helpdesk.Due to our latest IP Security upgrades we have reason to believe that your webmail account was accessed by a third party.Protecting the security of your webmail account is our primary concern, we have limited access to sensitive webmail account features.Failure to revalidate,your e-mail will be blocked in 24 hours.Thank you for your cooperation.

Assistive Options

Top of page


Assistive Options

Open the original version of this page.

Usablenet Assistive is a Usablenet product. Usablenet Assistive Main Page.