We are experiencing an ongoing cyber attack in which an attacker targets students to compromise banking details. In these fake messages, victims are asked to complete a Google Form, similar to the one below.

How to Stay Safe:

Do not provide passwords or banking details in Google Forms, or in any other forms you do not trust. When in doubt, call the IT Help Desk before proceeding. See Example of a google form used in a phishing attack. No one at Adelphi will ever ask for your password. Always  sign in to eCampus via Single Sign On.
Screenshot of google form

Check the bottom of any google form to see what Domain is hosting it, in this case it was NOT from Adelphi.  Again no one at Adelphi will ever ask you to provide your password, ever.
Screenshot of bottom of google form

Set up multiple recovery factors.

Change your password immediately if you suspect that somebody may have accessed your account without your permission and let us know by calling the IT Help Desk, or by emailing abuse@adelphi.edu.

Do not respond to any suspicious emails and never open email attachments or click on links if you find the content unexpected or untrustworthy. Emails from Adelphi officials will always come from an @adelphi.edu address.

If you are on a laptop or a desktop, always check the actual URL before clicking by hovering over it and looking in the lower left of the browser window.  This shows that it is NOT going to Adelphi.  For example, in a recent phishing attack shown below, it may seem that you are directed to a page hosted by Adelphi, but when putting your mouse over the link and check, it shows that you are going to a different one. This might be difficult to see on a mobile device.
Screenshot of email with link location

Official Emails from Adelphi only come from @adelphi.edu addresses. If the sender has a @mail.adelphi.edu and claims to be official, it is likely coming from somebody else.

Official messages will only be sent to an individual student or an official list. This example shows hundreds of other addresses on the same message sent from a student account. Again the link does not go to Adelphi and the phone number is not correct either.

Screenshot of email with links and amount of emails

Screenshot of email with links and amount of emails

Review our website for practical tips on identifying and handling phishing attempts.

Reminder

As of Monday, August 19, 2024, all access to Gmail accounts used by students and alumni will require multifactor authentication. Please strengthen your security now by setting a new password and by ensuring your recovery methods are up to date.

Responded to a Phishing Email? Here’s What to Do Next

While our IT team works hard to keep our network secure, some threats can bypass our defenses. Please remember that Adelphi IT will never ask for your password or sensitive information via email, phone, or Google Form.

If you have any questions or concerns about this incident, please contact us.

Contact
Phone Number
More Info
Location
Hagedorn Hall of Enterprise LL
Connect
Search Menu