There have been multiple reports of scam phishing emails soliciting applications for a Research Assistant position. An example is shown below with the impersonated Professor and scammer’s contact information removed.
Here are a few ways to spot the phish
- The display name in the From field does not match the email address. Why is the UNC Professor not using their UNC Email Address for this communication per the Individual Email Address Policy? Outlook should now display an External label on the message in your inbox and a “This sender <user@gmail.com> is from outside your organization” as a banner once the message is opened; treat any such message claiming to be from an internal user as suspicious.
- The To field shows “undisclosed-recipients” [or is empty] instead of my email address, indicating that BCC was used to hide recipients. Note that OHR provides guidance on finding student employment opportunities.
- The scammer is attempting to move the conversation to SMS text message. Moving to Whatsapp is another common evasion tactic. This gives the scammer more control over the communication medium and helps avoid detection from UNC’s email defenses.
Engaging with the scammer may lead to a gift card or check deposit scam.
If you recognize a scam like this in the future, do not interact with the sender; instead, use the Report phishing button in Outlook/heelmail.unc.edu and notify ITS via help.unc.edu or 919-962-HELP.
If you were defrauded by this scam (e.g., sent money/gift cards) you can file a report with the FTC and FBI. The FTC also provides this helpful checklist of what to do if you become aware that specific forms of you personal sensitive information (e.g., login credentials, SSN, Credit Card, Bank Account, Drivers License Numbers) are impacted.