Job Opportunity Fraud Targeting Students
The university’s Information Security Office is alerting the community to a recent scam targeting Stanford students with fraudulent part-time job opportunities. A handful of students have reportedly fallen victim to the scam in the past few months, which led to personal financial loss.
While the university’s email security tools have blocked over 80% of the messages, enough have arrived in mailboxes to cause significant concern. Take a moment to review the details of the scam to help spread awareness across student channels.
What does the scam look like?
- The initial email is either purportedly from or references a Stanford faculty member.
- The email content describes a part-time job opportunity as a research assistant, intern, tutor, software developer, etc.
- The job comes with an attractive weekly salary and often can be done remotely.
- Attackers attempt early on to move the discussion with the target to a non-Stanford platform (text messaging, non-Stanford email, or a phone call).
- The target is asked to fill out some basic information in a form and then is given a list of job tasks. After some tasks have been completed, the attacker expresses satisfaction.
- Attackers send the target a digital image of a check with instructions to deposit in their account to cover initial salary plus buying startup items such as office supplies, laptop computer or training.
- Attackers later ask for a sizable portion of the startup money to be transferred back via Zelle, PayPal, Venmo, etc., allegedly to cover one or more of those aspects (office supplies/computer/training).
- If challenged, scammers may offer "proof" of the faculty member's identity, such as images of a forged Stanford ID card.
- The target then transfers money to the attackers via Zelle, PayPal, Venmo, etc., only to find out some time later that the startup check is fraudulent and has bounced. Funds transferred from the target’s account are often not recoverable by the bank.
Go to https://uit.stanford.edu/phishing to view more screenshots of components in the campaign, including text message exchanges, a fraudulent paycheck, and fake Stanford ID.
What should I do if I have been targeted or have fallen victim to this scam?
- Forward any suspected phish to firstname.lastname@example.org. ISO analyzes submitted messages and takes actions to protect Stanford and other recipients.
- Familiarize yourself with the screenshot examples of this phishing campaign and others that have jeopardized numerous Stanford accounts.
- If you’re a victim, immediately report the fraud to your financial institution and to the online payment service you used for the financial transaction.
How can I protect myself?
- Understand that every aspect of an email, including the sender and all contents, can be easily forged.
- If an offer sounds attractive or elicits an emotional response, be very wary.
- Do not engage in communication with the person offering you an opportunity until you can independently verify their identity. Look up their name in StanfordWho (https://stanfordwho.stanford.edu) and then communicate via a published email or phone number.