We are receiving reports of a phishing email utilizing Dropbox as a conduit to attempt to get users to download a malicious PDF. See example email below. Attackers often will use 3rd party services such as Dropbox to host malicious files and bypass spam filters. Be cautious of any file sharing links that you are…
The Information Technology Security Program intends to protect Internet and Information Technology systems resources and assure their availability to support all of the College’s operations.
View our latest guidelines for Working Remotely
Join us at 10AM on the 2nd Friday of every month for a virtual informal cybersecurity discussion. Learn More
Cybersecurity Alerts
Get alerts about the latest cybersecurity threats and ask questions about any security related topics.
[PHISH] Q1 Employee Handbook|Policy Reviews-88638-ZHDN-NHHD-UPQN
We have received reports about an attacker impersonating our HR department. See example email below. Note that the sender email address is not a tcnj.edu address. Hovering over the link also shows an unusual URL destination. The email also uses a TCNJ logo and enticing wording to attempt to lure people into clicking the link. …
[PHISH] You sent a payment (from PayPal)
We are receiving reports of a PayPal scam being sent to TCNJ users. The attacks leverage compromised PayPal accounts to send false money transfers and requests and include a false phone number to contact regarding the transfer. Note that the phone number substitutes digits for letters to attempt to evade filtering. Do not call this…
[PHISH] You added a new address – PayPal
We received reports of a PayPal phishing scam that appears to be rather sophisticated. The emails and link in the body do appear to come from paypal.com but are not legitimate, the phone number included is not associated with PayPal and the link may be used to redirect to a false login page. If you…
[PHISH] Text Messages Regarding Shutting Down Email
We have received reports of users receiving text messages claiming to be from the IT Help Desk stating their school email is being shut down. They request approving a Duo push to prevent cancellation, and if the password they have doesn’t work, they are requesting the password. The TCNJ IT Help Desk will never contact…
[Phish] Subject: RA-NEEDED!!!!!
This is not a real job offer. Please ignore and delete the message. From: Paluska Bence <paluska.bence@blathy.info> Date: Sun, Dec 15, 2024 at 11:42 AM Subject: RA-NEEDED!!!!! To: Dear Students at The College of New Jersey, The College of New Jersey is currently seeking the assistance of dedicated and computer-savvy students (both graduate and undergraduate) for…
[PHISH] ACT NOW
We are seeing a number of TCNJ user’s receiving emails regarding inactive accounts prompting them to complete a Google form to maintain access. Note that the attacker’s intentionally avoid using the word Password in the form as this will alert Google to potential phishing activity. Always verify any emails of this nature by reporting them…
[Phish] SMS Let me know if you’re available
We received a reports of a text message from 908-897-XXXX impersonating President Bernstein asking if the recipient is available. This is a scam. Ignore and delete the message. Do not reply.
[PHISH] SMS message asking about closing TCNJ email
See example below. TCNJ’s Help Desk will never contact you via text message in this manner. Please note the area code in the screenshot is outside of New Jersey as well. Be sure to always verify suspicious messages via alternative means, such as emailing us here at phish@tcnj.edu. Thank you.
[PHISH] Subject: THE COLLEGE OF NEW JERSEY JOB OFFER
Another job offer scam with a Google from link. Please ignore and delete. Subject: THE COLLEGE OF NEW JERSEY JOB OFFER Good Day Staff & Students. ( THE COLLEGE OF NEW JERSEY ) This message is from the Campus Job Placement & Student Services. In Accordance with the work and study regulations of ( THE…