Faculty conduct reference scam
Fraudsters have continued their phishing efforts recently targeting UIndy accounts with bogus emails using untrusted links. This phishing scam impersonates UIndy offices to create a convincing sense of institutional authority. It exploits a professor’s professional anxiety by referencing an "anonymous concern" about a recent lecture while offering the false reassurance that they are not the primary subject of the complaint. By framing the request as a mandatory "review" necessary to maintain "eligibility for in-classroom instruction," the scam uses high-pressure tactics to trick the recipient into clicking a malicious link.
DO NOT engage in email exchanges, give money or accept their checks, give passwords, gift cards, or any personal information. Report these emails as phishing in your email account. If you have given them money or banking information, contact your bank ASAP. Questions? Contact UIndyIT at [email protected].
How to identify scam
Here are some specific red flags to recognize in this phishing email:
- Email address - The sender is not from a uindy.edu address, the attacker is using a compromised faculty email account from another university.
- Domain name - The link is to a fraudulent domain. Additionally, phishing emails often hide the actual destination. Hover over the link to preview the link’s destination.
- Unreasonable urgency.
- Closing - The "Office of Student-Faculty Relations" doesn't exist, neither does "Compliance Division".
What to do if you suspect a scam or have been scammed
- Report the message as phishing in Gmail to help protect others who may have received a similar phishing email.
- If you are unsure or believe something is fraudulent, forward the email to IT Help Desk ([email protected]).