Computing & Information Services

Threat Status History

"Important Notice" phish - Posted

A phishing message sent to a mailing list directs users to update their “employment data” and contains a link to the “staff enrollment portal” where they ask for personal information such as social security number, driver’s license, salary info, etc. Do not fill out the form!

phish image

phish form image

"Apple Support" Telephone Scam - Posted

A new angle on an old scam has bubbled up in recent days.

A Reed community member reports that they've received persistent robo-call message from "Apple iCloud Premium Support", where the robo-caller indicates there is a "problem with your account" and provides a telephone number to call for additional instructions. If an unsuspecting person dials that number, they are directed to a website where the baddies attempt to convince them to give control of their computer.

Don't take the bait! Apple (or Microsoft, or any other legitimate vendor with which you don't have a pre-existing relationship) is not going to call you and ask to take control of your computer. It could be a robo-call, or a potentially convincing live person on the other end of the phone, and they could claim to be from a variety of sources (Apple, Microsoft, Reed IT, the IRS, the FBI...).

So what should you do? Hang up! If you're a bit concerned that you may have hung up on someone who is NOT a scammer... contact CUS (, 503-777-7525), and we'll help determine what happened, and whether or you need to apologize for rudely hanging up. Better safe than sorry!

Chrome Malware - Missing Font - Posted

Users of the Chrome web browser are being targeted by a fake font plugin that installs malicious software on your computer. If you see a pop-up indicating the "HoeflerText font wasn't found", do NOT click the button to update. Other font name could be used in the future. The pop-up appears legitimate because it displays a chrome logo. Be wary of such pop-ups!

HoeferText font wasn't found

Read more about this threat.

A Payroll Representative - Posted

A new phishing email that is targeting the Reed Community and purports to be from "". A similar message is also targeting other colleges and universities. DO NOT reply, click on any links, provide personal information, and open any attachments. Contact the CUS Help Desk with questions or concerns.

Subject: A Payroll Representative Needed
Date: Tue, 5 May 2015 19:36:08 +0200
From: Reed Employment <>


Are you interested in a part time book keeping job for a private client? This job only takes one hour of your time daily and pays a total of $1,200 monthly(4weeks)?

Can you take record of cash flow via excel spread sheets? If YES, then apply immediately and fill this opening.

Attach a letter of interest as well as resume highlighting past experiences gathered over time.

The employer's direct email has been attached to this ad, hence respond only if you are interested.


Thank you,

Ubanya Firoshi

Employment Bureau

Paycheck Raise Information - Posted

This timely phishing scam is targeting faculty and staff. Do not click on the link! Contact CUS at x7525 or with questions.

From: REED-HR <>
Date: Tue, May 5, 2015 at 9:36 AM
Subject: Paycheck Raise Information

Hello, As part of Reed College standard practice to offer salary increases once a year after an annual review,
the Human Resources reviewed you for a salary raise on your next paycheck in May

Click below to confirm and access your salary revision documents:

Click to conrfirm <link to non-Reed site>


Human Resources

Reed College

Google Doc scam - Posted

Be careful with emails from people you don't know linking to what purport to be trusted sites. Hover your mouse over the link to see where it really goes! In this case,, not Google at all! Phishers also use Google docs to collect names and passwords, so beware of those as well.

From: Matthew Jarvinen <>
Date: Mon, Feb 23, 2015 at 7:33 AM
Subject: Important, view attachment

An important document sent to you via Google Docs Apps.
Google Drive: create, share, and keep all your stuff in one place.Logo for Google Drive

Matthew Jarvinen

Bank details request - Posted

Phishers will often browse a company or school web page to harvest names of important people at the school, and specially craft targeted emails. Since these are specially directed emails they are called spear phishing.
Hi Tracy,

Hope you are having a splendid day. I want you to quickly email me the details you will need to help me process an outgoing wire transfer to another bank.

I will appreciate a swift email response.


John K.

See please. Thank you - Posted

Variations of this email are trying to trick community members into updating their contact information. The link redirects to a "" website requesting information such as date of birth, username, password, and email address. Do not submit your information!

From: Angelo, Dana
Date: December 20, 2014
To: undisclosed recipients
Subject: See please. Thank you

Please open and update!

Reed College Contact Update

Mail News Update! - Posted

Here is another phishing message making its rounds within the community. Don't forget it's easy to spoof the "From" address in a message so don't assume the message is legit even if you recognize the sender's address. The URL in the message actually links to a different non-Reed website (see image below).

From: Reed College <>
Subject: Mail News Update!
To: Recipients <>

This Email is from Reed College, we will be making some vital E-mail account maintenance to ensure high quality in Internet connectivity in the 2014 fight against spam and improve security, all Mail-hub systems will undergo regularly scheduled maintenance.

To confirm and to keep your account active during and after this process
Kindly Click or copy  the Universal Web Link and fill the following
information: http:/

Reed College•
3203 SE Woodstock Blvd, Portland, OR 97202•

Here is what the phish website looks like:

Another phishing message

REED College Web Login - Posted

This phishing message is cleverly crafted and at first glance appears to be authentic. The sender name is similar to an actual staff member, and the link redirects to a nearly identical looking Reed Web Login page. Look closely at the URL and you will see it is bogus. Do not be fooled by this one!

From: "Access Services Assistant"
Subject: REED College Web Login

Dear User,

It has recently been observed that some users have difficulty logging into REED College Web. Please use this link to check your access.
If you can't login, contact at

Yours sincerely,

Janice Conor
Access Services Assistant
Reed College Library
3203 SE Woodstock Boulevard
Portland, OR 97202-8199
(503) 777-7552

If you follow the link in the message, the website looks like this:

Web Login phish

Warning! your apple account has been frozen temporarily - Posted

At first glance, this message may appear to be legit. The email is purportedly from Apple. A quick mouse hover over the "Verify Now" link reveals a non-Apple website. Don't fall for this phish!
From: "Apple" <>
Subject: Warning! your apple account has been frozen temporarily

Apple phish

Reed College | CIS | Help | E-Mail Clients - Posted

Don't be fooled by this phishy email! Although the link in the message looks like a Reed website, it redirects you to a different site. Don't enter your username or password!

From: Reed College
Subject: Reed College | CIS | Help | E-Mail Clients

Dear Reed College E-Mail Client,

This Email is from Reed College Computing & Information Services - CIS.

The Reed College email policy requires the CIS to send an e-mail communication to you informing you of this emergency updates.

Reed College will be making some vital e-mail account maintenance to ensure high quality in Internet connectivity, in other to boost our sever's anti-spam & anti-phishing server capacity.

All Mail-hub systems will also undergo regularly scheduled maintenance operation. To keep your account active during and after this process, kindly follow the University's email-account re-verification link below;


Reed College
3203 SE Woodstock Blvd  Portland, OR 97202, United States

Copyright © 2013 Reed College Computing & Information Services


The link in the message redirects to a website that looks like this:

Phishy website

Phishing message that appears to come from CUS! - Posted

The following message appears to come from the CUS Help Desk, even though we did not send it! This is just another clever attempt by the phishers who want to trick you into revealing your username and password. Do not follow the link in the message or enter your login information.
From: "CUS Help Desk" <>
Date: June 20, 2013 7:12:13 AM PDT
Subject: Reed Email Sign-in Alert

We detected a login attempt with valid password to your Reed email account from an unrecognized device on Thur Jun 20, 2013 07:08 AM EET.
Location: Germany (IP=
Note: The location is based on information from your Internet service or wireless carrier provider.

Was this you? If so, you can disregard the rest of this email.
If this wasn't you, please LOGIN HERE to confirm your ownership of this account and to protect your email account information from potential future account compromise. The office of Information Security will keep this updated if information should change, but we encourage all users to run their updates after the expected release of this patch.

Computer User Services (CUS), Help Desk
Computing & Information Services
© Copyright 2013 Reed College. All rights reserved.

Phish of a phish - Posted

This phishing email warns about being phished!
Phish of a phish

Information Technology Services Help Desk - Posted

It's true that Reed is migrating email to Gmail, but the following email is a phish. Don't be fooled!

Subject: Information Technology Services Help Desk
Date: Wed, 29 May 2013 14:04:32 +0300
From: Reed College <>

Dear User,

Reed College has upgraded the webmail server to a new and more secured
2013 version.

This will enable your webmail take a new look, with new functions and
anti-spam security.

You are advised to "Click" and "Follow" the link below to upgrade and to
enable advanced security features;


Reed College,
3203 Southeast Woodstock Boulevard,
Portand, Oregon
Copyright © 2013•

Phishy website

 View Current Threats