Current Spam Threats

Gift Card Scam

Gift Card Scam

We are currently receiving gift card scam emails that we aren't able to block. Their emails can't be blocked preemptively since they send from different domains and accounts, randomize the content in their emails, use lots of intentional misspellings, and use common wording. This scammer will try to trick you into sending them gift card codes, then they will sell those codes online at discounted prices to make money. The scammer will always have the name on whatever email account they send from be the name of a UVU employee, supervisor, director, or vice president, so you have to look at the sending address, not just the name. They will also sometimes spoof legitimate email addresses. Their initial emails are usually very basic, a typical greeting asking if you're available. When you respond, as shown below, they then ask for gift cards to be purchased and promise to reimburse you, but they won't. They'll ask for you to scratch off the backs of the gift cards and send pictures of the codes either in a reply to the email or sometimes they'll want you to send them to an email account they created that's designed to look legitimate, as shown below.

How to identify a gift card scam email:

  • Always make sure to look at the from address, not just the name on the account.
  • At any point are they asking you to buy gift cards?
  • Look for poor grammar. This could include misspelled words, commas or periods that occur before or after where they're supposed to, incorrect capitalization of letters, or unusual wording that seems off.
  • Does the sender specify that they're unavailable for phone calls or other communication except email?
  • If you're not sure, forward the email to [email protected] and we'll help you
  • These emails are usually sent early in the day or later in the afternoon or early evening. This is because those are the times people are first getting into work or are about to leave, when you're less attentive than usual.


Gift Card Scam Email Example

gcs example

Payroll Scam

Payroll Scam

We're currently receiving scam emails that look like the email graphic below. They typically will send from a random email address, but will use the name of somebody who works at UVU, sometimes a vice president. The subject link will contain something along the lines of "Direct Deposit Change" or "Urgent Payroll Request". The body of the email is typically short, often with both odd and common wording. It will almost always include a request to change the direct deposit information of the person they're fraudulently impersonating. They'll also include a fake signature of the person they're fraudulently impersonating.

How to identify a payroll scam email:

  • Always check the email address of the sender. It's easy for them to use the name of someone you actually know, so you need to make sure it's actually from them by also looking at the sending email address.
  • Make sure you follow standard procedure. Without providing proper forms, employees can't change their direct deposit information over email.
  • Watch out for unusual wording and poor grammar. Spammers will use them to avoid spam filters.
  • These emails are usually sent early in the day or later in the afternoon or early evening. This is because those are the times people are first getting into work or are about to leave, when you're less attentive than usual.


Payroll Scam Email Example

payroll scam example

Password Scam

Password Scam

 One of the largest scams going around right now is this password scam. The scammer has obtained a very large list of actual passwords people once used. These passwords were likely stolen during a number of data breaches that have occurred in the past, having been sold on the dark web afterward. The scammer will put together an email, usually with a username/password combo you've used in the past in the subject line, with the body of the email having some kind of threat to you. The two most common threats right now are a sextortion scheme, where the scammer claims to have hacked your device and recorded you watching porn, and they'll send the video to all of your contacts if you don't pay them, and the other being a threat to infect your family with COVID-19 and revealing all of your secrets, as show below in the example email. All of these threats are fake. They only have a password you once used, they don't have anything else and can't do anything to you as long as you no longer use the password they have. They send these emails from random email accounts and will use different character sets to avoid spam filters. Sometimes they might even spoof your own email address to make it appear as though you've sent the email to yourself.

How to identify a password scam

  • Does the email contain a legitimate username and/or password you once used?
  • Does the sender make serious threats in the email?
  • Are they asking for Bitcoin payment?
  • Look at the sending address. Is it unfamiliar? Is it your own email address?
  • Does it look like they're using an unusual font for the body of the email?
  • Is the wording unusual?

Password Scam Email Example

pps example

Online Directory Attacks

Online Directory Attacks

Utah Valley University recently moved from having contact information for most faculty and employees easily available online to using an online directory messaging system. With this messaging system, someone can send a message to anyone in the directory, and can pretend to be anyone by giving any name they want to and any email address they want to. This opens the door for scammers to trick you. Below is an example of a gift card scam that was sent using the UVU online directory messaging system, but any other type of spam can also be sent using this method. The email will be from [email protected], but the sender also has to give an email address which is included in the message body. Scammers might try to make the email look like a legitimate email to trick you into thinking they're someone they aren't. Always keep in mind that other faculty and employees that have Outlook will easily be able to find your email address and email you directly, so if it appears that someone from UVU is using the online directory messaging system to contact you it could be a scam.

How to identify an online directory attack:

  • Does the message appear to be from another UVU employee? They should be able to directly email you instead of using the online directory messaging system, so it might be a scam.
  • Does the content of the message seem unusual or include poor grammar or misspellings?
  • Is there a sense of urgency to the email?
  • Is the sender giving you instructions of some kind or telling you to do something?
  • Does it look like one of the other email attacks on this webpage?

Online Directory Attack Email Example

online directory spam example

Voicemail Scams

Voicemail Scams

Utah Valley University does send out legitimate emails when you receive a voicemail, but there are also scammers out there that try to trick you into clicking on malicious links. The legitimate UVU voicemail emails will always be from [email protected] with a link inside the email that, when hovered over, will show that it goes to an website. The scammers behind the fake voicemail emails will try to make them look legitimate, but the best ways to spot them is by looking at the from address and looking where the link is going to take you before clicking on it.

How to identify a voicemail scam:

  • Look at the from address. If it's anything except [email protected], it's not legitimate.
  • Hover over the link before clicking on it. If it doesn't go to an website, it's not legitimate.
  • The content in the email will usually look unusual, including random symbols, misspellings, and the content might look unorganized.
  • If you're ever uncertain, please forward the email to [email protected] and we can assist you.

Voicemail Scam Email Example

voicemail scam example

Personal Assistant Scam

Personal Assistant Scam

We are currently receiving an email attack that is designed to look like a legitimate job offer, but ultimately the scammer is trying to trick you into giving away sensitive private information, such as banking information, personal identification documentation, or even your username and password. This kind of email can be sent from almost any kind of email address, even UVU employee emails that have been hacked. What happens is that a scammer will get the login credentials of a UVU employee from a different phishing scheme, and then they'll use that employee's email account to send out another scam to all of that employee's contacts. This personal assistant scam is setup to get someone committed to the offer before they know what it is they're giving away. The initial email starts with an enticing offer of hundreds of dollars weekly for only a couple hours of work, and all they ask for is some basic information like your home address, phone number, and age. When you give them this initial information, they will try to email back and forth with you for a couple emails, and then once they know you're committed to the offer they'll trick you into giving away sensitive private information. Ultimately, if it seems too good to be true, it probably is, and $100/hour for a personal assistant job is definitely too good to be true.

How to identify a personal assistant scam:

  •  If it seems too good to be true, it probably is.
  • Is there any unusual punctuation, spelling, or paragraph organization?
  • Does the email ask you to respond to a different email address than the one that sent the email?
  • Is the email asking for personal information?
  • Are you still uncertain? Forward the email to [email protected] and we can assist you.

Personal Assistant Scam Email Example

personal assistant scam example