Computing & Information Services

Computing Threats

Don't take the bait! This page shows example computing threats, such as phishing scams, that you should avoid. Phishers are fishing for your personal information, such as passwords and credit card numbers. Never provide this information by replying or following links in the email. Under no circumstances will CUS or other members of the CIS department ask for your password. If in doubt about the legitimacy of an email, contact CUS. To learn how to keep yourself protected, visit our phishing page.

To report a phishing scam you receive, email it (with full headers) to cus@reed.edu.

Google Hangout Phish - Posted

Spear phishers strike again! This time pretending to be a Reed employee (using a valid name and job title) on Google Hangouts! Be suspicious of any request no matter what communication method is used (email, chat, phone, text, etc.). Carefully examine the sender's contact info and please check with the Help Desk if in doubt.

hangoutphish1.jpg

hangoutphish2.jpg

Another spear phish message - Posted

Another spear phish message purportedly from the current president. On close inspection, you'll notice the sender's address is not quite right. Even if the sender's address appeared correct, be suspicious, as spoofing is a common tactic among phishers.
From: Hugh porter <presidentporterhugh@gmail.com>
Date: Wed, Nov 7, 2018 at 9:33 AM
Subject: Good Morning <Name>



Please, I need your assistance.

Thanks.

"Follow up" Email From (Ex) President of Reed - Posted

Hey, it's me, the College's ex-president following up with you about that one thing we talked about, are you available?

Nope! 

This is a great example of a spear phishing attack, where the spammer does some research about the target and uses real names of officials or employees to seem more legitimate. However, we immediately can see clues that the email is not coming from a college official (ie: spelling and punctuation errors, a non-organizational email address, and unnecessary ask with a sense of urgency). Keep your eyes peeled, and hit that spam button whenever you detect those! You can always contact CUS if you have any questions about the legitimacy of any message.

From: John Kroger <johnkroger.reed.edu@my.com>
Date: Mon, Oct 22, 2018 at 11:45 AM
Subject: Follow up 
To: undisclosed users


Are you available?

--
Best Regards,

president John Kroger
   

School billing statement malware - Posted

School is starting, and scammers are running wild, attempting to prey on the unsuspecting!  If you receive an unsolicited email requesting that you click a link or download an attached "school statement" to make a payment... be skeptical!  Contact Reed's Business Office (503-777-7505) to confirm that the message is legitimate.

Below is an example of an infected attachment in an email going around.  Gmail caught this one, but don't rely on Google to warn you of suspicious attachments.

malware infected attachment

Amazon phish targeting mailing lists - Posted

An phishing message purportedly from Amazon is targeting Reed's mailing lists. Don't follow the link in the email.
amazon phish image

 View Threat History

How to maintain this page ( CIS only )