Use your mouse to hover over a link in an email and beware sites that end with “.de”.<\/p>\n\n\n\n The email appears to be an elegant digital invitation from Greenvelope<\/strong>, a legitimate e-invitation service. It looks professional, clean, and features an aesthetic floral design.<\/p>\n\n\n\n The hook is simple:<\/strong> Curiosity. You receive an invitation for a “Dinner Party” with no sender name clearly visible in the graphic, tempting you to click the “Invitation”<\/strong> or “RSVP”<\/strong> links to see who is hosting.<\/p>\n\n\n\n This “soft” approach is often more effective than aggressive scams because it doesn’t raise immediate red flags. Here is why it’s high-level:<\/p>\n\n\n\n Remember:<\/strong> If an invitation to a fancy party arrives out of the blue, it\u2019s likely not a seat at the table\u2014it\u2019s an attempt to steal your seat at VCU.<\/p>\n\n\n\n Stay safe and stay skeptical!<\/p>\n","protected":false},"excerpt":{"rendered":" The “Dinner Party” Phishing Scam: Don’t RSVP to Danger The latest phishing attempt hitting VCU inboxes is a masterclass in subtlety. Instead of scary threats about account deactivation, this one uses social engineering to pique your curiosity with a sophisticated-looking “Dinner Party” invitation. We have seen repeated use of this Greenvelope tool being used to […]<\/p>\n","protected":false},"author":1597,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-3396","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/posts\/3396","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/users\/1597"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/comments?post=3396"}],"version-history":[{"count":0,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/posts\/3396\/revisions"}],"wp:attachment":[{"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/media?parent=3396"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/categories?post=3396"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/tags?post=3396"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}},{"id":3394,"date":"2026-04-03T17:42:34","date_gmt":"2026-04-03T17:42:34","guid":{"rendered":"https:\/\/blogs.vcu.edu\/phishing\/?p=3394"},"modified":"2026-04-03T17:57:48","modified_gmt":"2026-04-03T17:57:48","slug":"urgent-job-scam-alert-vacancy-announcement-administrative-assistant-part-time","status":"publish","type":"post","link":"https:\/\/blogs.vcu.edu\/phishing\/2026\/04\/03\/urgent-job-scam-alert-vacancy-announcement-administrative-assistant-part-time\/","title":{"rendered":"URGENT: [Job Scam Alert] Vacancy Announcement: Administrative Assistant (Part-Time)"},"content":{"rendered":"\n Other Subject Lines: WORK AND STUDY PART-TIME<\/strong> & Virginia Commonwealth University Act Now<\/strong><\/p>\n\n\n\n The Information Security office is aware of a job scam<\/strong> which originated from the email ‘gabrielsanchez712396@gmail[.]com’ <\/strong>The scammer compromised a number of VCU email accounts and used them to further the scam. This was done so that it appeared legitimate, as the scam was now coming from @vcu.edu<\/a> email addresses.<\/p>\n\n\n\n Please stop all communications <\/strong>with the job scammer immediately.<\/strong><\/p>\n\n\n\n Additionally do not <\/strong>deposit any checks or send the scammer any money, gift-cards, cash app or other forms of payments.<\/p>\n\n\n\n If you shared any information with the scammer such as phone number or address, they may attempt to contact you with other job scams. If you receive any odd or suspicious emails or job scam texts, please report those emails or texts to phishing@vcu.edu<\/a>. <\/p>\n\n\n\n VCU will never ask for your password or ask you to validate your credentials to continue using our email system. VCU will never offer you a job in which you did not apply for. <\/p>\n\n\n\n If you did not click on the google form, submit your credentials, or communicate with the scammer then there is no action needed on your end.<\/em><\/strong><\/p>\n","protected":false},"excerpt":{"rendered":" Other Subject Lines: WORK AND STUDY PART-TIME & Virginia Commonwealth University Act Now The Information Security office is aware of a job scam which originated from the email ‘gabrielsanchez712396@gmail[.]com’ The scammer compromised a number of VCU email accounts and used them to further the scam. This was done so that it appeared legitimate, as the scam was now […]<\/p>\n","protected":false},"author":927,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-3394","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/posts\/3394","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/users\/927"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/comments?post=3394"}],"version-history":[{"count":0,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/posts\/3394\/revisions"}],"wp:attachment":[{"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/media?parent=3394"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/categories?post=3394"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/tags?post=3394"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}},{"id":3390,"date":"2026-04-01T15:39:16","date_gmt":"2026-04-01T15:39:16","guid":{"rendered":"https:\/\/blogs.vcu.edu\/phishing\/?p=3390"},"modified":"2026-04-01T15:39:17","modified_gmt":"2026-04-01T15:39:17","slug":"fake-text-from-it-vcu-it-will-never-text-you","status":"publish","type":"post","link":"https:\/\/blogs.vcu.edu\/phishing\/2026\/04\/01\/fake-text-from-it-vcu-it-will-never-text-you\/","title":{"rendered":"Fake Text From IT…VCU IT Will Never Text You!"},"content":{"rendered":"\n We are issuing a formal warning regarding a fraudulent messaging campaign currently targeting Virginia Commonwealth University students and faculty.<\/p>\n\n\n\n The scam involves a text message or email claiming to be from the “Microsoft IT Help Department.”<\/strong> The message falsely alleges that a request has been initiated to deactivate your official VCU email account and prompts you to respond or click a link to cancel the action.<\/p>\n\n\n\n To help you identify this and future threats, please note the following red flags:<\/p>\n\n\n\n If you receive this message or any communication that feels suspicious, please adhere to the following security protocols:<\/p>\n\n\n\n If you have already interacted with the message or provided your credentials, please change your VCU eID password immediately and contact phishing@vcu.edu<\/strong> or the IT Support Center at (804) 828-2227<\/strong>.<\/p>\n\n\n\n The information security office has now activated our phishing@vcu.edu<\/strong> inbox to be the official inbox users should report suspicious emails to. Please assist us in spreading the word that our office would now prefer the VCU Community to report suspicious emails to phishing@vcu.edu<\/strong> instead of infosec@vcu.edu<\/strong>.<\/p>\n","protected":false},"excerpt":{"rendered":" We are issuing a formal warning regarding a fraudulent messaging campaign currently targeting Virginia Commonwealth University students and faculty. The scam involves a text message or email claiming to be from the “Microsoft IT Help Department.” The message falsely alleges that a request has been initiated to deactivate your official VCU email account and prompts […]<\/p>\n","protected":false},"author":1597,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-3390","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/posts\/3390","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/users\/1597"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/comments?post=3390"}],"version-history":[{"count":0,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/posts\/3390\/revisions"}],"wp:attachment":[{"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/media?parent=3390"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/categories?post=3390"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/tags?post=3390"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}},{"id":3388,"date":"2026-02-06T17:32:11","date_gmt":"2026-02-06T17:32:11","guid":{"rendered":"https:\/\/blogs.vcu.edu\/phishing\/?p=3388"},"modified":"2026-02-06T17:32:12","modified_gmt":"2026-02-06T17:32:12","slug":"new-phishing-alert-fake-vcu-two%e2%80%91factor-enrollment-email","status":"publish","type":"post","link":"https:\/\/blogs.vcu.edu\/phishing\/2026\/02\/06\/new-phishing-alert-fake-vcu-two%e2%80%91factor-enrollment-email\/","title":{"rendered":"New Phishing Alert: Fake VCU Two\u2011Factor Enrollment Email"},"content":{"rendered":"\n A new phishing email is circulating through our community, and this one is crafted to look highly official. Attackers are attempting to steal user credentials by imitating a \u201cVCU Two\u2011Factor enrollment update,\u201d complete with university branding and a QR code that leads to a malicious website.<\/p>\n\n\n\n VCU will NEVER ask for your personal data with a QR code.<\/p>\n\n\n\n QR codes are dominating the hacker scene right now please NEVER scan a qr code or click a link from an email you don’t recognize. Try googling more about the request first in a seperate tab. <\/p>\n\n\n\n Scanning the QR code or clicking any links may send you to a fake login portal designed to capture:<\/p>\n\n\n\n Once an attacker gains access to your account, they can attempt further compromises, send additional phishing messages, and potentially access protected data.<\/p>\n\n\n\n Look for these warning signs:<\/p>\n\n\n\n If you did not request an MFA update, you should never receive one without official notice from VCU Technology Services.<\/p>\n\n\n\n If you scanned the code or entered any information:<\/p>\n\n\n\n <\/p>\n","protected":false},"excerpt":{"rendered":" A new phishing email is circulating through our community, and this one is crafted to look highly official. Attackers are attempting to steal user credentials by imitating a \u201cVCU Two\u2011Factor enrollment update,\u201d complete with university branding and a QR code that leads to a malicious website. VCU will NEVER ask for your personal data with […]<\/p>\n","protected":false},"author":1597,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-3388","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/posts\/3388","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/users\/1597"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/comments?post=3388"}],"version-history":[{"count":0,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/posts\/3388\/revisions"}],"wp:attachment":[{"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/media?parent=3388"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/categories?post=3388"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/tags?post=3388"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}},{"id":3386,"date":"2026-02-05T16:49:43","date_gmt":"2026-02-05T16:49:43","guid":{"rendered":"https:\/\/blogs.vcu.edu\/phishing\/?p=3386"},"modified":"2026-02-05T16:49:45","modified_gmt":"2026-02-05T16:49:45","slug":"invitation-to-party-scam","status":"publish","type":"post","link":"https:\/\/blogs.vcu.edu\/phishing\/2026\/02\/05\/invitation-to-party-scam\/","title":{"rendered":"Invitation to party? SCAM"},"content":{"rendered":"\n A new phishing campaign is making the rounds on campus, and it\u2019s disguised as something friendly and harmless: a party invitation.<\/p>\n\n\n\n Recently, members of our community received an email claiming \u201cYou\u2019re invited to my private party,\u201d<\/strong> complete with what looks like an e\u2011card and a link to \u201cdownload the card.\u201d While it may appear like a simple digital invitation, this message is a malicious phishing attempt designed to trick recipients into downloading harmful content or entering personal information.<\/strong><\/p>\n\n\n\n Here\u2019s what you need to know to stay safe.<\/p>\n\n\n\n This scam is subtle, but several features should raise suspicion:<\/p>\n\n\n\n There is no event name, no sender context, and no personal detail\u2014hallmarks of mass\u2011sent phishing.<\/p>\n\n\n\n Legitimate invitation platforms do not require you to download a file to view an invite.<\/p>\n\n\n\n The email shown has large blank areas, odd alignment, and mismatched fonts\u2014common signs of a hastily constructed phishing template.<\/p>\n\n\n\n The message originates from an unknown external address pretending to represent a known service.<\/p>\n\n\n\n Here\u2019s what to do:<\/p>\n\n\n\n <\/p>\n\n\n\n Stay safe online and remember to do your annual security training!<\/p>\n","protected":false},"excerpt":{"rendered":" A new phishing campaign is making the rounds on campus, and it\u2019s disguised as something friendly and harmless: a party invitation. Recently, members of our community received an email claiming \u201cYou\u2019re invited to my private party,\u201d complete with what looks like an e\u2011card and a link to \u201cdownload the card.\u201d While it may appear like […]<\/p>\n","protected":false},"author":1597,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-3386","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/posts\/3386","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/users\/1597"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/comments?post=3386"}],"version-history":[{"count":0,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/posts\/3386\/revisions"}],"wp:attachment":[{"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/media?parent=3386"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/categories?post=3386"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/tags?post=3386"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}},{"id":3382,"date":"2025-12-11T20:59:59","date_gmt":"2025-12-11T20:59:59","guid":{"rendered":"https:\/\/blogs.vcu.edu\/phishing\/?p=3382"},"modified":"2025-12-11T21:01:49","modified_gmt":"2025-12-11T21:01:49","slug":"text-from-dr-rao-12-11-25","status":"publish","type":"post","link":"https:\/\/blogs.vcu.edu\/phishing\/2025\/12\/11\/text-from-dr-rao-12-11-25\/","title":{"rendered":"Text from Dr. Rao 12\/11\/25"},"content":{"rendered":"\n Please beware of a text scam impersonating Dr. Rao asking for help with a quick task. If you received this it is a scam please do not respond to the scammer. See example of the scam below. <\/p>\n\n\n\n Please report to infosec@vcu.edu, if you have further questions or comments. <\/p>\n\n\n\n Please beware of a text scam impersonating Dr. Rao asking for help with a quick task. If you received this it is a scam please do not respond to the scammer. See example of the scam below. Please report to infosec@vcu.edu, if you have further questions or comments.<\/p>\n","protected":false},"author":1597,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-3382","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/posts\/3382","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/users\/1597"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/comments?post=3382"}],"version-history":[{"count":0,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/posts\/3382\/revisions"}],"wp:attachment":[{"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/media?parent=3382"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/categories?post=3382"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/tags?post=3382"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}},{"id":3378,"date":"2025-08-14T23:17:25","date_gmt":"2025-08-14T23:17:25","guid":{"rendered":"https:\/\/blogs.vcu.edu\/phishing\/?p=3378"},"modified":"2025-08-14T23:17:27","modified_gmt":"2025-08-14T23:17:27","slug":"fake-vcu-login-page-linked-in-phishing-email","status":"publish","type":"post","link":"https:\/\/blogs.vcu.edu\/phishing\/2025\/08\/14\/fake-vcu-login-page-linked-in-phishing-email\/","title":{"rendered":"FAKE VCU Login Page linked in Phishing Email"},"content":{"rendered":"\n Hello please beware a phishing email matching the description below this phishing email contains a fake webpage to capture your username and password. Please reset your password if you have clicked the link. <\/p>\n\n\n\n\n\n\n\n\n\n\n\n Hello please beware a phishing email matching the description below this phishing email contains a fake webpage to capture your username and password. Please reset your password if you have clicked the link.<\/p>\n","protected":false},"author":1597,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-3378","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/posts\/3378","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/users\/1597"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/comments?post=3378"}],"version-history":[{"count":0,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/posts\/3378\/revisions"}],"wp:attachment":[{"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/media?parent=3378"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/categories?post=3378"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/tags?post=3378"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}},{"id":3374,"date":"2025-07-28T19:12:11","date_gmt":"2025-07-28T19:12:11","guid":{"rendered":"https:\/\/blogs.vcu.edu\/phishing\/?p=3374"},"modified":"2025-07-28T19:12:59","modified_gmt":"2025-07-28T19:12:59","slug":"important-survey-is-a-scam-7-28-2025","status":"publish","type":"post","link":"https:\/\/blogs.vcu.edu\/phishing\/2025\/07\/28\/important-survey-is-a-scam-7-28-2025\/","title":{"rendered":"Important Survey is a SCAM 7\/28\/2025"},"content":{"rendered":"\n Please beware documents being shared with you that include a link to a google form asking for you to input your sensitive information. Scammers are taking the time to form targeted scams using VCU logos and well known VCU users to trick you. Please be hyper aware even email addresses you believe you can trust could be hacked and send phishing.<\/p>\n\n\n\n Do not interact with the scam and please email infosec@vcu.edu if you have filled out this form.<\/p>\n\n\n\n Below our examples of the phishing scam. <\/p>\n\n\n\n VCU will never ask you for your sensitive data and we would know how to spell password. Please email infosec@vcu.edu for any details, questions, or reports. <\/p>\n","protected":false},"excerpt":{"rendered":" Please beware documents being shared with you that include a link to a google form asking for you to input your sensitive information. Scammers are taking the time to form targeted scams using VCU logos and well known VCU users to trick you. Please be hyper aware even email addresses you believe you can trust […]<\/p>\n","protected":false},"author":1597,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-3374","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/posts\/3374","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/users\/1597"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/comments?post=3374"}],"version-history":[{"count":0,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/posts\/3374\/revisions"}],"wp:attachment":[{"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/media?parent=3374"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/categories?post=3374"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/tags?post=3374"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}},{"id":3372,"date":"2025-07-21T17:36:05","date_gmt":"2025-07-21T17:36:05","guid":{"rendered":"https:\/\/blogs.vcu.edu\/phishing\/?p=3372"},"modified":"2025-07-21T17:36:06","modified_gmt":"2025-07-21T17:36:06","slug":"document-shared-with-you-scam","status":"publish","type":"post","link":"https:\/\/blogs.vcu.edu\/phishing\/2025\/07\/21\/document-shared-with-you-scam\/","title":{"rendered":"“Document Shared with You” SCAM"},"content":{"rendered":"\n Hello, please be aware that we are seeing a high number of “document shared with you scams” being reported to our team. This is a way hackers can get through our email security to trick users into giving up their login credentials. Often these links lead to google forms asking for your information.<\/p>\n\n\n\n Please stay away from emails that you are not expecting and beware the google forms asking for your information.<\/p>\n\n\n\n VCU will never ask for your personal data through a google form.<\/p>\n\n\n\n <\/p>\n\n\n\n Example of one of the reports below.<\/p>\n\n\n\n Hello, please be aware that we are seeing a high number of “document shared with you scams” being reported to our team. This is a way hackers can get through our email security to trick users into giving up their login credentials. Often these links lead to google forms asking for your information. Please stay […]<\/p>\n","protected":false},"author":1597,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-3372","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/posts\/3372","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/users\/1597"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/comments?post=3372"}],"version-history":[{"count":0,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/posts\/3372\/revisions"}],"wp:attachment":[{"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/media?parent=3372"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/categories?post=3372"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/tags?post=3372"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}},{"id":3370,"date":"2025-07-17T17:04:46","date_gmt":"2025-07-17T17:04:46","guid":{"rendered":"https:\/\/blogs.vcu.edu\/phishing\/?p=3370"},"modified":"2025-07-17T17:04:49","modified_gmt":"2025-07-17T17:04:49","slug":"office-365-scam-email-with-fake-form","status":"publish","type":"post","link":"https:\/\/blogs.vcu.edu\/phishing\/2025\/07\/17\/office-365-scam-email-with-fake-form\/","title":{"rendered":"Office 365 Scam Email with Fake Form"},"content":{"rendered":"\n This phishing email was report to infosec@vcu.edu around 12:33pm today.<\/p>\n\n\n\n The phishing email contained a Google Form asking for sensitive information. <\/p>\n\n\n\n This is a scam intended to steal money from you. <\/p>\n\n\n\n If you submitted the Google form, please be aware that the scammer will likely contact you pretending to be VCU Staff\/IT asking for a password or DUO code. Please remember, VCU IT<\/strong> will never ask you for your password or DUO code. <\/strong>Additionally we’ve received reports that the scammer may attempt to extort users to access their accounts.<\/p>\n\n\n\n If you have received this message and responded to the scammer, please immediately cease all communications. If you receive any suspicious calls or emails or provided your password\/DUO code to the phisher, please let us know (infosec@vcu.edu<\/a>). <\/p>\n\n\n\n Example of the email sent out below.<\/p>\n\n\n\n VCU IT\u00a0will\u00a0never ask you for your password or DUO code.\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":" This phishing email was report to infosec@vcu.edu around 12:33pm today. The phishing email contained a Google Form asking for sensitive information. This is a scam intended to steal money from you. If you submitted the Google form, please be aware that the scammer will likely contact you pretending to be VCU Staff\/IT asking for a […]<\/p>\n","protected":false},"author":1597,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-3370","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/posts\/3370","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/users\/1597"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/comments?post=3370"}],"version-history":[{"count":0,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/posts\/3370\/revisions"}],"wp:attachment":[{"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/media?parent=3370"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/categories?post=3370"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.vcu.edu\/phishing\/wp-json\/wp\/v2\/tags?post=3370"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}]![\"\"](\"https:\/\/blogs.vcu.edu\/phishing\/wp-content\/uploads\/sites\/565\/2026\/04\/Screenshot-2026-04-06-101441.png\")
<\/figure>\n\n\n\n![\"\"](\"https:\/\/blogs.vcu.edu\/phishing\/wp-content\/uploads\/sites\/565\/2026\/04\/Screenshot-2026-04-06-101405.png\")
<\/figure>\n\n\n\nAnatomy of the Scam<\/h3>\n\n\n\n
Why This is Dangerous<\/h3>\n\n\n\n
\n
What to Do<\/h3>\n\n\n\n
\n
![\"\"](\"https:\/\/blogs.vcu.edu\/phishing\/wp-content\/uploads\/sites\/565\/2026\/04\/IMG_5077-1-473x1024.png\")
<\/figure>\n\n\n\nKey Indicators of Fraud<\/h3>\n\n\n\n
\n
Recommended Action Plan<\/h3>\n\n\n\n
\n
![\"\"](\"https:\/\/blogs.vcu.edu\/phishing\/wp-content\/uploads\/sites\/565\/2026\/02\/phishingpc3.png\")
<\/figure>\n\n\n\nWhy This Scam Is Dangerous<\/strong><\/h2>\n\n\n\n
\n
How to Spot This Scam<\/strong><\/h2>\n\n\n\n
\n
What To Do If You Receive This Email<\/strong><\/h2>\n\n\n\n
\n
If You Already Interacted With the Email<\/strong><\/h2>\n\n\n\n
\n
![\"\"](\"https:\/\/blogs.vcu.edu\/phishing\/wp-content\/uploads\/sites\/565\/2026\/02\/phishingexample2-1024x951.jpg\")
<\/figure>\n\n\n\nRed Flags to Spot Immediately<\/strong><\/h2>\n\n\n\n
1. Generic, vague messaging<\/strong><\/h3>\n\n\n\n
2. Unexpected attachments or downloads<\/strong><\/h3>\n\n\n\n
3. Inconsistent formatting<\/strong><\/h3>\n\n\n\n
4. External, unverified email sender<\/strong><\/h3>\n\n\n\n
If You Receive an Email Like This<\/strong><\/h2>\n\n\n\n
\n
\n
![\"\"](\"https:\/\/blogs.vcu.edu\/phishing\/wp-content\/uploads\/sites\/565\/2025\/12\/unnamed-5-472x1024.png\")
<\/figure>\n","protected":false},"excerpt":{"rendered":"![\"\"](\"https:\/\/blogs.vcu.edu\/phishing\/wp-content\/uploads\/sites\/565\/2025\/08\/IMG_8943-472x1024.png\")
<\/figure>\n","protected":false},"excerpt":{"rendered":"![\"\"](\"https:\/\/blogs.vcu.edu\/phishing\/wp-content\/uploads\/sites\/565\/2025\/07\/2025-07-28-15_06_25-Sign-in-using-your-Work-or-School_-account.png\")
<\/figure>\n\n\n\n![\"\"](\"https:\/\/blogs.vcu.edu\/phishing\/wp-content\/uploads\/sites\/565\/2025\/07\/2025-07-28-15_04_07-Fwd_-Below-is-a-file-that-Andrew-Crislip-Ph.D.-Program-Chair-has-shared-with-y.png\")
<\/figure>\n\n\n\n![\"\"](\"https:\/\/blogs.vcu.edu\/phishing\/wp-content\/uploads\/sites\/565\/2025\/07\/2025-07-28-15_03_53-Fwd_-Below-is-a-file-that-Andrew-Crislip-Ph.D.-Program-Chair-has-shared-with-y.png\")
<\/figure>\n\n\n\n![\"\"](\"https:\/\/blogs.vcu.edu\/phishing\/wp-content\/uploads\/sites\/565\/2025\/07\/2025-07-21-13_23_32-Fwd_-Item-shared-with-you_-_Salary-and-Employee-Bonus-2025.pdf_-bryanc2@vcu.ed_.png\")
<\/figure>\n","protected":false},"excerpt":{"rendered":"![\"\"](\"https:\/\/blogs.vcu.edu\/phishing\/wp-content\/uploads\/sites\/565\/2025\/07\/scam1-1024x249.png\")
<\/figure>\n\n\n\n