Facebook pixel Identity Thieves Have Suspicious "Records" - IT Blog | Pepperdine Community Skip to main content
Pepperdine | Community

Scammers Try Using Suspicious "Records" to Steal Identities

Don't Be Fooled by Clever Scams Using Any Means

Many of us at Pepperdine have become familiar with phishing emails that on first glance looks to be from an executive using the line "Are you available?"  A second look at the from address shows that although the name may be familiar the email does NOT come from the executive's @pepperdine.edu email address.  At this point, most of us are not fooled by links in messages requiring urgent action, which take us to sites that look like this....

CAS login-screen

...but which are hosted at web addresses that look like this....

http://autohaus.willymueller.de

or

https://pepperdine.myhost.com/pepperdine/email

We know the identity of such sites are false because the web address isn't
https://logon.pepperdine.edu

Since last summer many at Pepperdine have been getting other deceptive communications:

  • Email purporting to be from their supervisor, but addressed from something like:
bosses.name.pepperdine@myemail.com
  • Phone calls claiming to be Microsoft technicians
  • US Mail containing digital media like a CDROM:

cd-roms

Pretty cute, huh?  A CD-ROM that looks like a vinyl 45 rpm record, but it's a CD.  So far, the senders of these have had some pretty sketchy pretexts - badly spelled notes offering web design work.  But, if you put this disk in your computer, you can bet it has malware on it.  And, the pretexts will get more believable.  Another common trick with media is to drop flash drives, and wait for someone to put it in their computer to figure out to whom it belongs.

These recent attempts to deceive us present an opportunity to remind each other:

  • Unexpected urgent emails - delete or verify with the purported sender.
  • Phone calls requesting access to your computer - request a call back number.
  • Digital media received in the mail, which you weren't expecting - don't put in your computer.
  • Flash drives or media found around campus - don't access but  turn in to DPS or Tech Central.

Staff and faculty are seen by criminals as the weakest link, but let's continue to be the last line of defense.