Internet & Security Threats • Library & Information Services • Carthage College

Known and Reported Threats

Carthage will occasionally be hit with phishing attempts via email, text, or phone. Current known, suspected, and reported security threats are shown below. If you do not see the threat that you are experiencing, it does not mean that it is not a threat. Use good judgment when communicating.
Use these instructions to recognize scams and phishing attempts.
Check if the links in the email are safe.
If you still have questions about the legitimacy of a communication, please email help@carthage.edu.

Ransomware On Your Personal Computer

Take a look at this article by Forbes about how to handle Ransomware on your personal computer.

What Should You Do?

If the threat does not appear in the list below, you can report it to LIS by clicking the “Internet Threat Report” link below.
Report it to Google from inside the message by clicking the arrow next to Reply, clicking More, then Clicking Report phishing.
Ignore or delete the message.
If you replied, clicked a link, provided any information through a form, or opened an attachment, reset your Carthage password and scan your computer for malware (Windows, Mac).
Email help@carthage.edu for questions or concerns.
Internet Threat Report

Message or Warning

Click on a link in the menu below to see more information about each threat.

If you know of a threat, please submit the form below to let Library and Information Services know:

Internet Threat Report

Thank you for reporting and checking our known threats page for this email! If you’ve come here to check if this is a known threat, reported it to LIS, deleted or marked the email as SPAM, you’ve handled it perfectly! Thank you for your conitnued attention to email and remaining cautious with anything suspicious!

Name: Your NAME

Payroll ID: xxx6876 3787

Dear Carthage College Employee,

As part of the new General Data Protection Regulations (EU) 2016/679 (GDPR), you are annualy required to opt-in to the corporate payroll direct deposit process.

Below, please find a secure link to verify your opt-in status and confirm your banking information.

Your immediate attention is required. If your response verification is not received by the end of business day 3/23/2024, your payroll will no longer be directly deposited into your account.

If you plan to opt-out of the corporate direct deposit process, complete the attached forms and return them promptly to your HR representative. Due to process requirements, if this is not received by Friday at the end of business, your payroll cannot be gaurentteed.

Keryn COBB shared a file with you

Human Resources Department,

Dr. John R. Swallow added you as a viewer. Verify your email to securely
view this document. You will need to verify your email every 7 days.

Dr. John R. Swallow
President
[image: icon] 2023July-Faculty_Staff Summer Benefit Program

[image: permission globe icon] This link will work for anyone.
Open
[image: Microsoft logo]
Privacy Statement

We have confirmed that a spoofed email (containing a variation of the below image) has made its way into a number of Carthage inboxes today; please click “Report As Spam” or delete if you received it. The Subject line could appear in various ways but will likely include the “Fwd: Item shared with you: “2023 BENEFIT OPEN ENROLLMENT AND PLAN UPDATES.pdf” If you have any questions please send via email to help@carthage.edu

Email Spoofing April 2023

Library and Information Services sent an email to all Carthage staff today at 4:30pm. The senders address will be “training@cyberriskaware.com”. This was an intended email sent by LIS and you can proceed to complete the training behind the link within the email. If you have any questions please email help@carthage.edu

LIS Required Cybersecurity Training - SAFE EMAIL

We have identified the email below as a known threat, please do not interact with it and mark it as SPAM. If you have received and interacted with it, change your password and then contact us at help@carthage.edu.

Threats_PhishEmail_Feb2023

The following has been identified as a potentially malicious email or phishing attempt. Please report as Phishing or SPAM if you’ve received it.

The following email has made its way to several hundred Carthage email inboxes. If you receive this email, please report it as Phishing with the banner in the email or click the “report as spam” icon in your email inbox (it has an exclamation point icon). We are working on filtering anything further and removing this threat from any additional inboxes.

From: Carthage College <tom@nytfestivalen.no>
Date: Tue, Oct 25, 2022 at 11:37 AM
Subject: Carthage College sent you a documents!
To: Carthage College <tom@nytfestivalen.no>

Carthage College has invited you to view the following document

[Folder clipped] CC_0088902-44.pdf

Follow above for more details.

Thanks

Carthage College

2001 Alford Park Drive

Kenosha, WI 53140

(262) 551-8500

The following email has made its way to Carthage email inboxes. If you receive this email, please report it as SPAM with the banner in the email or click the “report as spam” icon in your email inbox (it has an exclamation point icon)

Known Threat : Email October 10 2022

The following is a known Phishing Attempt reported and confirmed on June 27th, 2022 - please do not interact with any part of the email and report the email as SPAM or Phishing from within to your Gmail inbox.

Known Phishing Attempt - Reported June 27, 2022

The following email went out from Carthage Library and Information Services about a legitimate training requirement from LIS and Carthage. Please take this message seriously and complete the training. The text of the email is below.

Hi xxxx@carthage.edu.

As indicated in our previous email, you currently have 1 assignment awaiting your completion. Please click the link below to register on our training platform called Cyber Risk Aware and complete your assigned training by 6/25/2022 4:30:00 AM.

Carthage College CyberRickAware Portal

Feel free to rate and provide feedback when prompted upon completion of this training.

Thank you,

Library and Information Services

We’ve been made aware of an email hoax that presents the subject “I.T EVALUATION.pdf” that is signed as John Swallow with link and an “OPEN” button. Please avoid opening or interacting with this email.

-Library and Information Services

caturner@ucmo.edu has shared the following item:

Today,
We are urgently conducting a short 5-minute survey about employee efficiency which requires staff to participate.
Your input is critical and will help carry out our responsibilities.

John R. Swallow
President

I.T EVALUATION.pdf

A recent phishing attempt via calendar invite has been identified and is actively being delivered in higher education institutions. The Meeting title is “Customer Service Review”, the email may appear to come from users from within our @carthage.edu domain. Please be cautious when acceppting any calendear invites you are not familar with.

-Library and information Services

We’ve been made aware of a phishing attempt that contains the following information and link to a “google doc”, please be on the lookout. Text of email:

See the changes in your Google Document “Contact Me - Form”: CLICK HERE

A user last made changes on 1/23/2022 1:09pm (India Standard Time) regarding the below:

Form submit

____________________________________________________

Powered by Google Docs

This is to notify all Carthage College Students and Staffs that we are validating active accounts.

Kidnly confirm that your account is still in use by clicking the validation link below:

Validate Email Account

Please note that any unvalidated accounts will be marked as disused and subsequently deleted within 72 hours.

Sincerely,

IT Help Desk
Carthage College Office of Information Technology

It’s tax season and attackers are capitalizing on that with this phishing email:

Accounting and tax software provider Intuit has notified customers of
an ongoing phishing campaign impersonating the company and trying to
lure victims with fake warnings that their Turbo Tax (Intuit) accounts have been
suspended.

Intuit’s alert follows reports received from customers who were
emailed and told that their Intuit accounts were “disabled following a
recent server security upgrade”

Email Typically Reads:

“We have temporarily disabled your account due to inactivity. It is
compulsory that you restore your access within the next 24 hours,”
the attackers say in the phishing messages, masquerading as the
Intuit Maintenance Team. “This is a result of recent security upgrade
on our server and database, to fight against vulnerability and
account theft as we begin the new tax season.”

A new phishing campaign is installing the BazarLoader/BazarBackdoor trojan through malicious CSV files. BazarBackdoor is a stealthy backdoor malware created to provide threat actors remote access to an internal device that can be used as a springboard for further lateral movement within a network. The phishing emails pretend to be “Payment Remittance Advice” with links to remote sites that download a CSV file with names similar to “document-21966.csv.”

Subject: Employee Benefit Program

Date: 1/18/2022

From: Stormy Crawford <crawfords@wbu.edu> or Denise P. Barrett <denise.barrett@famu.edu></denise.barrett@famu.edu></crawfords@wbu.edu>

The Employee Assistance Program (E.A.P.) will be supporting all employees with cash assistance as part of a benefit plan to help employees get through the hard times due to the COVID-19 pandemic.

The Employee Assistance program will provide $3,700 in assistance to all qualified employees after applications are reviewed, processed, and approved.

Visit the Employee Benefits portal and follow all instructions carefully and enter the most appropriate details to apply.

Note: the support program is only available to qualifying employees. All the information requested is required for your application to be processed.

Sincerely,

*Stormy Crawford*

Self-Service Admin