The UW–Madison Office of Cybersecurity is aware of an active phishing campaign on campus during the week of March 14. In it the attacker impersonates UNICEF Executive Director Henrietta H. Fore, advertising a part-time, work-from-home job with weekly pay of $600.
Attached to the email is a PDF file purported to contain employment details but which asks readers to send personal information to the scammer at a legitimate looking email address.
The body of the email consists of an embedded image containing the following text:
From: REDACTED
To: REDACTED
Subject: UNICEF Paid part-time job
I am sharing job opportunity information to employees who might be interested in a paid UNICEF Part-Time job with a weekly pay of $600.
Attached is further information about the employment details.
Kindly follow the steps in the attached document and contact Henrietta H. Fore with your non-official email address I.e. Gmail, Yahoo, Hotmail, icloud etc.) For more details on the job.
Take note; this is strictly a work-from-home position.
Sincerely,
Henrietta H. Fore
Director, Supply Division
The goal of such job scams is to trick the unwary into sending money to the scammer using a variety of pretenses, often involving fake checks. For more about recognizing job scams, see the following articles:
- Beware Of Scams Involving Job Offers, Fake Checks
- Job Scams (FTC website)
The most recent phishing emails of this type were sent on the morning of Thursday, March 17, but such attacks can occur at any time. Please be on the lookout for such scams.
What should I do if I accidentally opened the attachment?
Scan your device for viruses as a precaution. See the Virus Information Center for details.
Reporting a phishing campaign
Outlook users:
To report phishing emails received via Outlook, please click the “Report Phish” button on the toolbar/ribbon located at the top of your page. This action will send the questionable email to the UW–Madison Cybersecurity Operations Center (CSOC).
Non-Outlook users:
If you do not see the “Report Phishing” button, then forward the message as an attachment (Source: KB 34567) to abuse@wisc.edu. Please do not simply forward the questionable email, as this will prevent us from seeing the header of the message and make it difficult to take appropriate action.
For additional information, please refer to: Office 365 – Submit a message as spam/phishing (Source: KB 45051).
If you are ever unsure whether an email message is legitimate, DO NOT RESPOND to it! Instead, contact the DoIT Help Desk (608) 264-HELP (4357) and ask for advice.