We received reports of a QR code phishing attack earlier today imitating our HR department. The email contained no body and was merely and attachment that attempted to look like a formal TCNJ document. There are a number of markers within, such as odd wording, the use of the word “Corporate” in relation to policies,…
The Information Technology Security Program intends to protect Internet and Information Technology systems resources and assure their availability to support all of the College’s operations.
View our latest guidelines for Working Remotely
Join us at 10AM on the 2nd Friday of every month for a virtual informal cybersecurity discussion. Learn More
Cybersecurity Alerts
Get alerts about the latest cybersecurity threats and ask questions about any security related topics.
[PHISH] An Exclusive Invitation Just For You
We have received reports of an attack this morning that unfortunately succeeded in compromising at least one TCNJ account, which the attacker then utilized to send more emails and add a level of legitimacy to the appearance of the email. This is an unsolicited invitation email that, upon clicking the link contained within, will lead…
[PHISH] Item shared with you: “-TCNJ- Important Classification Compensation and Benefit System”
An employee impersonation email is making the round this morning. Attacker is leveraging the Google Forms environment to send a fake compensation document out. By using the Google infrastructure it appears legitimate and gets past any initial filters. Notice in the email body however the senders true email address is revealed. Please be thorough when…
[PHISH] Payment Request for new Invoice
We are seeing another round of emails impersonating President Bernstein this morning approving payments for fraudulent invoices. Please see email examples below. Note that despite the email addresses appearing in the email body as tcnj.edu addresses and blue links, if you hover over them (same as you would with URLs) in the bottom left the…
[PHISH] The College of New Jersey – Gusto Inc: Marketing Strategy Deployment
We received a few reports regarding a phishing email circulating that impersonates President Bernstein. In this novel attack, the sender is acting as the approver and including the false “initial email” and then copying people they think could initiate the transfer. Note that the sender’s email address is not President Bernstein’s TCNJ address, nor is…
[PHISH] Complete with Docusign: tcnj.edu Payments MSA Agreement – username.789901-01).docx
We received a report of a new DocuSign phishing email making the rounds. Note that the sender is not docusign.com and the link points to ad.doubleclick.net and not docusign.com. This is a tactic attackers use to obfuscate and redirect to a different landing page. See examples below. The landing page URL is not DocuSign or…
[PHISH] Action Required: Faculty MFA Enrollment
We received reports of an email targeting our users claiming to roll out MFA. TCNJ has used Duo MFA for some time now. Things to note regarding this attack: The sender address is not a tcnj.edu address. The link in the email points to a non tcnj.edu domain. The landing page contains no TCNJ branding…
[PHISH] EmpIoyee Performance EvaIuation
We received reports of an email sent to a number of users that claimed to contain employee performance evaluations. The email comes from an .edu address but not a TCNJ one, and uses language to indicate urgency. Also the link goes to a Jotform form imitating a login page. Also note the word “PASSWORD” is…
[PHISH] Hello, Review 2025 Salary Adjustment Payroll & Updated Team Benefit-Bonus_For Your Approval Ref:-I8eFAqdNgSV5P80J9SWYZIy3Kma62Y
We received a report regarding another phishing email that attempted to get users to scan a QR code to visit a malicious site that tries to harvest users’ credentials. See example below. Note that the email does not come from a TCNJ.edu address, as well as the odd capitalization used. Be cautious of unfamiliar emails…
[PHISH] Text Message About Closing Email Account
We have received reports that TCNJ users are receiving text messages claiming to be from the help desk about a request that the user close their school email address. The TCNJ help desk will not contact you about matters such as this via text message. Note in the screenshots below, the phone number does not…