Phishing Alert: Job Opportunity Fraud Targeting Students

The Information Security Office (ISO) is alerting the community to a recent scam targeting Stanford students with fraudulent part-time job opportunities. 

Take a moment to review the details of this scam to help spread awareness.

What does the scam look like?

• The initial email is either purportedly from or references a Stanford faculty member.
• The email content describes a part-time job opportunity as a research assistant, intern, tutor, software developer, etc. 
• The email states this job comes with an attractive weekly salary and often can be done remotely. 
• Attackers attempt early on to move the discussion with the target to a non-Stanford platform (text messaging, non-Stanford email, or a phone call). 
• The target is asked to fill out some basic information in a form and then is given one or more job tasks. After some tasks have been completed, the attacker expresses satisfaction.
• Attackers send the target a digital image of a check with instructions to deposit in their account to cover initial salary plus buying startup items such as office supplies, laptop computer, or training.
• Attackers later ask for a sizable portion of the startup money to be transferred back via Zelle, PayPal, Venmo, etc., allegedly to cover costs for one or more of these aspects (office supplies/computer/training).
• If challenged, scammers may offer "proof" of the faculty member's identity, such as images of a forged Stanford ID card.
• The target then transfers money to the attackers via Zelle, PayPal, Venmo, etc., only to find out some time later that the startup check is fraudulent and has bounced. Funds transferred from the target’s account are often not recoverable by the bank.

The emails can be presented in many different formats. Here is an example of a recent phishing attempt that was reported.

Visit https://uit.stanford.edu/phishing to view more example email content. 

What should I do if I have been targeted or have fallen victim to this scam?

• Report any suspected phishing email. ISO analyzes submitted messages and takes actions to protect Stanford and other recipients.
• Familiarize yourself with screenshot examples of this phishing campaign and others that have jeopardized numerous Stanford accounts.
• If you’re a victim, immediately report the fraud to your financial institution and the online payment service you used for the financial transaction. 

How can I protect myself?

• Understand that every aspect of an email, including the sender and all contents, can be easily forged.
• If an offer sounds attractive or elicits an emotional response, be very wary.
• Do not engage in communication with the person offering you an opportunity until you can independently verify their identity. Look up their name in StanfordWho (https://stanfordwho.stanford.edu) and then communicate via a published email or phone number.