Phishing Warning: July 22, 2019: “Work Part Time if you want”

USC users have reported receiving phish emails from a compromised USC Account similar to the one listed below. If you have received a similar phish, do not reply or click the embedded link within the message.

Sample of email:

From: [redacted] <[redacted]@usc.edu<mailto:[redacted]@usc.edu>>
Subject: Work Part Time if you want
Date: July 22, 2019 at 5:52:57 PM PDT
Reply-To: [redacted] <[redacted]@usc.edu<mailto:[redacted]@usc.edu>>

Hello,

Would you mind a job from me? I am in need of a personal assistant and it would be great to have you work with me. I wont make you over work yourself with me, maybe between 2-4 hours weekly.

You must have had the slightest idea of what a Personal Assistant Job looks like; General works to handle (if any), few errands like Shopping, making bill payments, accepting packages and sometimes advice on certain things.

I am putting out this job offer to you with a weekly pay of $300. Also, I will make provision for transport and/ or gas fee, if needs be.

if you are interested Proceed to the Application section<hxxps: //form[.]jotform[.]co/92026953589873>

Would be a great honor having you work with me.

Thanks
[redacted]

[redacted]
Dornsife Science Transformation Fellow

[redacted]
University of Southern California
3620 S. Vermont Ave, KAP 104
Los Angeles, CA 90089

[redacted]@usc.edu<mailto:[redacted]@usc.edu>

If you have received this phish, do not respond or click the embedded link. If you have responded or clicked the link and were asked to disclose your USC NetID password, change your USC NetID password immediately by going to the Popular Logins menu bar on the ITS website and clicking the link labeled change your password.

As phishing campaigns become increasingly sophisticated and harder to detect, we urge you to use extreme caution when clicking links in messages or attachments you receive from unknown senders. While antivirus programs may automatically scan messages for embedded malware, they do not automatically scan for malicious links in attachments.

ITS encourages you to consider the following tips when handling suspicious email:

  • If you are unable to see or do not recognize a link’s destination URL, do not click the link.
  • Never provide personal information, such as your passwords, social security number, or bank information, on a website you access by following a link in an unsolicited email or attachment.
  • If you must open an email attachment, first scan it using your antivirus software. To scan an attachment on a PC or Mac running USC’s free Sophos Antivirus, save the attachment to your desktop, right-click the file, and choose Scan with Sophos Antivirus.