We received reports of an email targeting our users claiming to roll out MFA. TCNJ has used Duo MFA for some time now. Things to note regarding this attack: The sender address is not a tcnj.edu address. The link in the email points to a non tcnj.edu domain. The landing page contains no TCNJ branding… Continue Reading
Announcements Archive
[PHISH] EmpIoyee Performance EvaIuation
We received reports of an email sent to a number of users that claimed to contain employee performance evaluations. The email comes from an .edu address but not a TCNJ one, and uses language to indicate urgency. Also the link goes to a Jotform form imitating a login page. Also note the word “PASSWORD” is… Continue Reading
[PHISH] Hello, Review 2025 Salary Adjustment Payroll & Updated Team Benefit-Bonus_For Your Approval Ref:-I8eFAqdNgSV5P80J9SWYZIy3Kma62Y
We received a report regarding another phishing email that attempted to get users to scan a QR code to visit a malicious site that tries to harvest users’ credentials. See example below. Note that the email does not come from a TCNJ.edu address, as well as the odd capitalization used. Be cautious of unfamiliar emails… Continue Reading
[PHISH] Text Message About Closing Email Account
We have received reports that TCNJ users are receiving text messages claiming to be from the help desk about a request that the user close their school email address. The TCNJ help desk will not contact you about matters such as this via text message. Note in the screenshots below, the phone number does not… Continue Reading
[PHISH] July 2025 Salary Settlement_Approval Ref:-glY0Q4bUaNvfwrKclfGjyhoCYiubUB
We have received reports of a phishing email using a QR code to attempt to get users to follow a link to a fake Microsoft login page that will harvest user’s credentials. The email imitates TCNJ but does not come from a TCNJ email account. Scanning the QR code will lead to a fake captcha… Continue Reading
[PHISH] Review Completed: Tcnj management Settlement Agreement i
A phishing email utilizing an attachment with a QR code in it has been reported. The subject tries to engage the curiosity of the reader and prompt them to scan a QR code which leads to a malicious domain. This page will prompt the user to enter their credentials to view a document with the… Continue Reading
[PHISH] Salary Increment Letter – Effective June
We have received reports of a QR code phishing scheme claiming to contain details of a pay increase. Screenshots are below. The email utilizes an attachment that contains a QR code and prompts the user to scan it to view details. The link takes the user to a false Microsoft login page which prompts for… Continue Reading
[PHISH] Amended The College Of New Jersey Handbook Updated Policy
We received reports of a phishing email that claimed to contain an updated handbook for TCNJ. The email address of the sender is not a TCNJ address, which is a clear indicator that this is not legitimate. The attached PDF document contains a QR code that leads to a fake Microsoft login page; the URL… Continue Reading
[PHISH] Immediate Action Require: MFA System Upgrade
We received reports of an email utilizing a QR code attachment imitating TCNJ and warning of account lockout. Note the email did not come from a tcnj.edu email address and the entire email was an attachment. The QR code (if scanned) does not lead to a tcnj.edu website. Do not reply to the sender nor… Continue Reading
[PHISH] [TCNJ: Information Security Advisory] 2FA Authentication!
A number of users received a QR code phishing email this morning impersonating TCNJ. Note that the email originated from a Gmail account and not a TCNJ email address. The entire email body was an image rather than text, which attackers use to bypass filters. Do not scan the QR code. The landing page for… Continue Reading
[PHISH] Text Message Phish about Shutting Down Email
We’ve received some reports regarding another text message attack impersonating our help desk. Be aware our TCNJ Help Desk will not contact you via text message. You should also note that the area code of the phone number is outside the NJ area. Another point is that the attacker uses a sense of urgency in… Continue Reading
[PHISH] Chris Hann shared “HannWriting Inc.2025-03-18 14.07.29.pdf” with you
We are receiving reports of a phishing email utilizing Dropbox as a conduit to attempt to get users to download a malicious PDF. See example email below. Attackers often will use 3rd party services such as Dropbox to host malicious files and bypass spam filters. Be cautious of any file sharing links that you are… Continue Reading
[PHISH] Q1 Employee Handbook|Policy Reviews-88638-ZHDN-NHHD-UPQN
We have received reports about an attacker impersonating our HR department. See example email below. Note that the sender email address is not a tcnj.edu address. Hovering over the link also shows an unusual URL destination. The email also uses a TCNJ logo and enticing wording to attempt to lure people into clicking the link. … Continue Reading
[PHISH] You sent a payment (from PayPal)
We are receiving reports of a PayPal scam being sent to TCNJ users. The attacks leverage compromised PayPal accounts to send false money transfers and requests and include a false phone number to contact regarding the transfer. Note that the phone number substitutes digits for letters to attempt to evade filtering. Do not call this… Continue Reading
[PHISH] You added a new address – PayPal
We received reports of a PayPal phishing scam that appears to be rather sophisticated. The emails and link in the body do appear to come from paypal.com but are not legitimate, the phone number included is not associated with PayPal and the link may be used to redirect to a false login page. If you… Continue Reading
[PHISH] Text Messages Regarding Shutting Down Email
We have received reports of users receiving text messages claiming to be from the IT Help Desk stating their school email is being shut down. They request approving a Duo push to prevent cancellation, and if the password they have doesn’t work, they are requesting the password. The TCNJ IT Help Desk will never contact… Continue Reading
[Phish] Subject: RA-NEEDED!!!!!
This is not a real job offer. Please ignore and delete the message. From: Paluska Bence <paluska.bence@blathy.info> Date: Sun, Dec 15, 2024 at 11:42 AM Subject: RA-NEEDED!!!!! To: Dear Students at The College of New Jersey, The College of New Jersey is currently seeking the assistance of dedicated and computer-savvy students (both graduate and undergraduate) for… Continue Reading
[PHISH] ACT NOW
We are seeing a number of TCNJ user’s receiving emails regarding inactive accounts prompting them to complete a Google form to maintain access. Note that the attacker’s intentionally avoid using the word Password in the form as this will alert Google to potential phishing activity. Always verify any emails of this nature by reporting them… Continue Reading
[Phish] SMS Let me know if you’re available
We received a reports of a text message from 908-897-XXXX impersonating President Bernstein asking if the recipient is available. This is a scam. Ignore and delete the message. Do not reply. Continue Reading
[PHISH] SMS message asking about closing TCNJ email
See example below. TCNJ’s Help Desk will never contact you via text message in this manner. Please note the area code in the screenshot is outside of New Jersey as well. Be sure to always verify suspicious messages via alternative means, such as emailing us here at phish@tcnj.edu. Thank you. Continue Reading
[PHISH] Subject: THE COLLEGE OF NEW JERSEY JOB OFFER
Another job offer scam with a Google from link. Please ignore and delete. Subject: THE COLLEGE OF NEW JERSEY JOB OFFER Good Day Staff & Students. ( THE COLLEGE OF NEW JERSEY ) This message is from the Campus Job Placement & Student Services. In Accordance with the work and study regulations of ( THE… Continue Reading
[Phish] Subject: The College of New Jersey,Act Email Verification
Please ignore and delete the following phish. If you entered your credentials in the form you need to change your password. Dear Valued User , We received a request from you to terminate your Office 365 email due to a dual college/universities account. And this process has begun by our administrator. If you did not… Continue Reading
[Phish] Subject: Administrative assistant needed
The following phish was reported. Please ignore and delete. There is no job. It is a scam Good day, Work at your convenience and earn $450 weekly. It’s a Flexible part-time job. All the tasks are work from home/on campus job, you don’t need to travel somewhere and also you don’t need to have a… Continue Reading
[PHISH] Broker Seeking Student Assistant: Part-Time Position
This morning we received reports of users receiving a job offer scam. This is a common phishing attack using an online form to gather information for further exploitation. Note that the sender’s email does not match the name in the signature. Do not reply to the sender or click on any links in the email. … Continue Reading
[PHISH] SMS Impersonation
Please be aware of attackers using text messages to impersonate TCNJ employees. See a recent example below. Indicators of fake text messages are similar to those in phishing emails, as well as out-of-state area codes or numbers marked private. Continue Reading