This email message was sent to the Mines Classified and Faculty mailing lists Tuesday, Jan 22, 2019:
From: Phillip Romig III <firstname.lastname@example.org>
Date: Tuesday, January 22, 2019 at 12:15 PM
To: “email@example.com” <firstname.lastname@example.org>, “email@example.com” <firstname.lastname@example.org>
Subject: ALERT – Email impersonating Mines employees and students
Over the last ten days the campus has seen a dramatic increase in the number of email based scams impersonating members of Mines community. Unlike previous iterations the criminals behind these messages have developed an understanding of the relationships between people on campus and are using that information to increase the likelihood of success. Hence, where previous versions of the scams might have claimed to come from Dr. Johnson or other highly visible individuals these messages will appear to come from your direct supervisor, colleague, instructor or even a friend.
Please help protect yourself and the institution from these scams by taking extra care any time you respond to any message. Remember that it is trivial to fake the sending address in an email and that the “From:” line in the message should never be trusted. You should always visually verify the address to which your response is going. It is a good idea to verify any action involving funds (i.e., p-card purchases, payroll changes, etc.) in person or over the phone before taking the action.
More information about phishing protection can be found on the university’s information security pages (search for “phishing” from the main Mine’s homepage). To report a phishing scam, or if you would like CCIT to verify any message for you, please forward it to mailto:email@example.com.
Phillip R. Romig, Ph.D.
Chief Information Security Officer
Colorado School of Mines