Phishing Alert: Recent Scams Exposed

The Information Security Office is alerting the community about how to protect themselves following recent reports of multiple phishing scams.

Recently, there have been reports of several phishing emails targeting Stanford students, faculty, and staff. Stanford’s Information Security Office (ISO) has been actively responding to these scams and is notifying us about the incidents so that we can stay alert.

• A phishing email masquerading as an advisory from the university’s health and wellness services targeted faculty, falsely claiming that a co-worker was exposed to the mpox (monkeypox) virus.
• On Wednesday, June 6, ISO became aware of a phishing campaign aimed at students that looked to be an email from Stanford’s Employee Assistance Benefits Program (EAP) offering up to $800 in assistance as part of a COVID-19 relief program. This was followed by a second email soliciting applications for a fictitious YMCA job opportunity. The attack led to several compromised accounts.
• On Friday, June 9, ISO detected a phishing scheme that resulted in some university staff members changing their direct deposit information in the Axess portal. Fortunately, due to the timing of the campaign and the speed of the response, no funds were actually transferred, and personal financial loss was averted.

What should I do if I have been targeted or have fallen victim to these scams?

• Familiarize yourself with information about these recent phishing scams. Visit https://uit.stanford.edu/phishing to view other scams that have jeopardized Stanford accounts.
• Always report suspicious emails. The Phish Reporter Button is preferred, but you can also forward suspicious emails to spam@stanford.edu.
• If you’re a victim, immediately report the fraud to your financial institution and the online payment service you used for the financial transaction.

How can I protect myself?

• If you receive an unexpected two-step request, press “Deny” to reject it. Even better, get Cardinal Key. Cardinal Keys simplify your login experience while providing protection for your account far stronger than a username and password.
• Understand that every aspect of an email, including the sender and all contents, can be easily forged.
• Be very wary if an offer sounds attractive or elicits an emotional response or if the sender tries to move the communications to a non-Stanford channel, such as your personal email or cell phone text.
• Do not communicate with the person offering you an opportunity until you can independently verify their identity. Look up their name in StanfordWho and then reach out via a published email or phone number.
• Review the information, training, and resources in the Stay Safe From Phishing Scams Guide.

What are some of the things Stanford is doing to protect the community?

• The university offers URL Defense, which adds another layer of protection against inbound email threats such as phishing and malware attacks.
• Stanford’s Phishing Awareness Program prepares the community to recognize and report phishing emails through simulation emails, awareness communications, and training opportunities. 
• When phishing emails are reported via spam@stanford.edu or the Phish Reporter Button, any linked malicious websites are blocked for systems on the Stanford network.

Learn more

• The Past, Present, and Future of Stanford’s Phishing Awareness Program
• Stay Safe From Phishing Scams
• Anatomy of a Phishing Email