Northeastern is currently the specific target of a scam designed to steal money and financial information from members of our community. These criminals are using a process known as “spear phishing” – a highly targeted form of phishing that specifically focuses on a particular individual or group, with the aim of gaining access to your personal and financial information. Please read on to learn more about what to look for, and what actions to take if you are targeted.
Recently, Northeastern students, faculty and staff received emails appearing to be from the address neucourses[at]neu.edu. These emails have a variety of subject lines intended to draw people in, including “Internships and Jobs for NEU students !” and “Important Notice for Northeastern University students.” At a quick glance, the email looks like a new student service offered to assist with the interview process. Links in the email bring the reader to an authentic looking, but fake, site: neu-courses[dot]com.
The spoof site features the Northeastern logo, university web design elements and even the Empower campaign button. Fake classes are displayed with a Register Now button. This scam is designed specifically to steal money from those who input their information to the linked PayPal checkout.
Look Out For Red Flags
- Phishing emails and websites can be made to look like legitimate communications from Northeastern including university logos, however the text is typically written in poor English, including bad grammar and typos.
- Hover over links in the email to check whether they are legitimate. If any one does not look like it leads to an official Northeastern website, do not click on the link.
- If you are unsure whether email is legitimate, please contact either the ITS Service Desk (email@example.com) at 617.373.4357 (xHELP) or the Office of Information Security (firstname.lastname@example.org).
What should I do if I receive a phishing email?
If you receive a phishing email, do not click on any links or open attachments. Delete the email.
What if I accidentally respond to a phishing email?
If you responded to a phishing email with your myNEU username and password, please contact the ITS Service Desk at 617.373.4357 (xHELP) or email@example.com immediately. If you have responded to a a different phishing email with your financial or credit card information, please contact the issuing bank or credit company for assistance.
Questions or concerns? Please contact the ITS Service Desk at 617.373.4357 (xHELP) or firstname.lastname@example.org.