Key Takeaways
- Always be suspicious of unsolicited emails. A UNC employee or department should never advertise a job via a non-UNC email address. Student work opportunities are posted at https://studentwork.unc.edu/students/finding-job/ and UNC job opportunities are posted at https://hr.unc.edu. For external organizations, use their official website to find job postings.
- Closely inspect the From field and the External label (i.e., “You don’t often get email from…”) for signs of impersonation. Anyone can manipulate the name displayed in the From field (e.g., one could change “JOB INFORMATION SUPPORT” to “Dr. Jane Doe”)
- If you recognize a scam like this in the future, do not interact with the sender; instead, use the Report phishing button in Outlook/heelmail.unc.edu.
Recognizing the Scam
Scams advertising student job opportunities or part-time research positions like the one below are increasingly common at the start of the semester. Scammers will adapt this template to avoid spam filtering (e.g., change phrasing and contact details, collect contact information through a google form, move the message body to a pdf attachment, etc.) but the general pattern is similar:
- The scammer may obtain some information about a current or former employee (e.g., Full Name, Department) to make the offer more convincing (e.g., using the name and department in the signature, incorporating the name into the gmail address).
- The offer is flexible, high paying and designed to appeal to the broadest audience (e.g., “apply regardless of major”).
- The scammer tries to solicit contact information (i.e., text me or send your resume) so they can move the conversation outside of UNC email where they’ll have more control.
- The motive is often gift card or check deposit scams. If someone contacts you via email or text asking you to cash a check and/or send gift cards, this is almost certainly a scam; if you know the individual contact them over a separate communication channel, preferably in person. “Fake checks can take weeks to be discovered and untangled. By that time, the scammer has any money you sent, and you’re stuck paying the money back to the bank.”
What to do if you interacted with the Scam
If you shared any University Sensitive Information with the scammer, please immediately contact 919-962-HELP or help.unc.edu and report a critical incident to the UNC Security Office. If you clicked a link sent by the scammer and entered credentials, immediately reset your password and report/decline any unexpected multi-factor authentication requests.
If you shared any personal sensitive information (e.g., bank account number) with the scammer, or were otherwise financially defrauded, consider the following:
- File a police report https://safe.unc.edu/file-a-report/
- Review identity theft recommendations for specific types of stolen personal information https://www.identitytheft.gov/#/Info-Lost-or-Stolen
- File a report with the FTC https://www.usa.gov/where-report-scam/imposter/other#block-usagov-content
If you otherwise had contact with the scammer and/or shared personal directory information (email, phone, address, resume, etc.) consider the following:
- Report the number as SPAM to your service provider
- Consider if information contained in the resume could be used to deduce account recovery questions on any sensitive services (e.g., onyen, banking, personal email, etc.) and update these questions.
- Scammers may reuse the contact information, be highly suspicious of any unsolicited calls or emails.