Email Phishing Scam Alert

From: Division of Information Technology, IT Security Office

Recently, Virginia Tech has received a number of phishing emails that claim to offer student job opportunities. These emails may come from a “vt.edu” email address or from an external Gmail address, and request information to be sent to a non-VT address. 

Scams such as this one are common around university campuses. These scams often ask students to send a resume or other personal information, which is then used to attempt to steal money or for other purposes. 

The content in the email currently circulating may look like this, and may have a subject line such as “POSITION ANNOUNCEMENT,” “ASSISTANT JOB OPPORTUNITY, “Flexible Internship Work,” or any number of similar subject lines.

What to do if you receive an email like this:

• Do not reply. If you have already provided information to these non-VT parties, please stop communication with them immediately.
• Self-report the phish through your email client (i.e., Gmail or Outlook).

The IT Security Office has determined that some of these phishing emails are coming from compromised Virginia Tech email accounts. Remember, never share your VT username and password with anyone. Virginia Tech will never ask for your username and password in an email — if you receive such a request, it is fake. If you suspect that your account has been compromised or experience any suspicious activity, such as a 2-factor authentication request that you did not initiate, please report the incident immediately.

We encourage the university community to review the following resources to help protect against phishing attacks: 

• How to protect against phishing attacks from the 4Help Knowledge Base.
• How to detect phishing and “spear phishing” from the Division of IT.

General Cybersecurity Awareness resources from the Division of IT.