TCNJ has been notified by Teachers Insurance and Annuity Association (TIAA) that a 3rd party vendor they use, Pension Benefit Information, LLC (PBI), had a data breach of their MOVEit transfer service. PBI has mailed notification letters to the affected individuals. If you have received a notification letter, we suggest you take advantage of the credit monitoring service from Kroll they are offering. Your TCNJ data was not affected by this breach, and we believe the proper security updates have been applied by the 3rd party vendor.
Security Notices
[PHISH] Retirement and Pension Meetings for TCNJ Employees
A number of TCNJ users were sent this unsolicited email from an outside source. TCNJ does not use this service or know its legitimacy as a service. We recommend you do not communicate with the sender or click any links contained within the email. Continue Reading
[PHISH] – Your Email @tcnj.edu will be blocked
We have received notification from a number of users that they have received an email that appears like the one below. The sender field will contain mail.tcnj.edu and the email address of the user and the email subject will indicate your email address will be blocked. This email contains a link that will attempt to… Continue Reading
Phish – Subject: TCNJ
New phish with a link to a weebly site that tries to look like a TCNJ login page. Please delete. From: Support TCNJ <pr_2@prometey.org.ua> Date: Wed, Apr 19, 2023 at 5:16 PM Subject: TCNJ To: Due to a recent Phishing email that has been going around the TCNJ most Student/Staff Service accounts have been compromised.… Continue Reading
[PHISH] Cell Number Phish from icloud.com emails
We have received reports where a number of icloud.com email addresses are sending in emails impersonating TCNJ employees and requesting user cell phone numbers. The email from address contains the employees name but the email address contains a misspelled or imitated office title and ends in @icloud.com. The attackers are also including an official looking… Continue Reading
[PHISH] Invoice XXXXXXXXX from PPal Sales
We have received notification of a possible PayPal invoice phishing scam being sent to users. The email address appears to be quickbooks@notification.intuit.com but investigation indicates replies will be sent elsewhere. Screenshots are below. Do not interact with the sender by replying or clicking any links within the email. If you receive any invoices you were… Continue Reading
PHISH – Confirm Account
The email below is a phishing email. It contains a link that leads to a malicious page, please do not click any links contained within and delete the email. Continue Reading
IT SECURITY ALERTs Phish
Below is an image of an email sent by a Tony Burr. Even though this came from a Google Drive sharing address, this is instead a phishing email impersonating a TCNJ employee. These often contain a mismatched sender to the person stated as the file sharer. You can also see the sender address is not… Continue Reading
Payroll Self-Service Phish
The following message is a phish. Please ignore and delete it. The links is to a malicious wordpress site From: Technology Department <tsmith@humbleisd.net> Date: Mon, Jan 23, 2023 at 7:59 AM Subject: Employee Payroll Self-Service Update To: XXXX Employee Payroll Self-Service Update Dear Employee, Our Payroll Department is in the process of updating and upgrading… Continue Reading
Assistant Job Scam
There have been a number of reports of an outside party impersonating a TCNJ professor offering a a job to students. This is a scam. A TCNJ professor will never reach out to any students on their personal email accounts and ask the student to be their assistant. Any unsolicited messages should be scrutinized, especially… Continue Reading