The College of New Jersey Logo

Apply     Visit     Give     |     Alumni     Parents     Offices     TCNJ Today     Three Bar Menu

News

[PHISH] Amended The College Of New Jersey Handbook Updated Policy

We received reports of a phishing email that claimed to contain an updated handbook for TCNJ.  The email address of the sender is not a TCNJ address, which is a clear indicator that this is not legitimate.  The attached PDF document contains a QR code that leads to a fake Microsoft login page; the URL is also not a TCNJ address and ends in .ru.  Please be vigilant when reviewing your emails and report any suspicious messages to phish@tcnj.edu.  Thank you.

[PHISH] Chris Hann shared “HannWriting Inc.2025-03-18 14.07.29.pdf” with you

We are receiving reports of a phishing email utilizing Dropbox as a conduit to attempt to get users to download a malicious PDF.  See example email below.  Attackers often will use 3rd party services such as Dropbox to host malicious files and bypass spam filters.  Be cautious of any file sharing links that you are… Continue Reading

[PHISH] Q1 Employee Handbook|Policy Reviews-88638-ZHDN-NHHD-UPQN

We have received reports about an attacker impersonating our HR department.  See example email below.  Note that the sender email address is not a tcnj.edu address.  Hovering over the link also shows an unusual URL destination.  The email also uses a TCNJ logo and enticing wording to attempt to lure people into clicking the link. … Continue Reading

[PHISH] You sent a payment (from PayPal)

We are receiving reports of a PayPal scam being sent to TCNJ users.  The attacks leverage compromised PayPal accounts to send false money transfers and requests and include a false phone number to contact regarding the transfer.  Note that the phone number substitutes digits for letters to attempt to evade filtering.  Do not call this… Continue Reading

[PHISH] ACT NOW

We are seeing a number of TCNJ user’s receiving emails regarding inactive accounts prompting them to complete a Google form to maintain access.  Note that the attacker’s intentionally avoid using the word Password in the form as this will alert Google to potential phishing activity.  Always verify any emails of this nature by reporting them… Continue Reading

Top