A fraudulent email was sent to a large number of student, faculty, and staff email accounts. The messages went out either over the weekend and had the subject line "New Paltz Dual Email Security Concern: Act Now".
A screenshot of the fraudulent message is below. There are a few ways you can determine that this is fraudulent (or at least that should be suspicious):
-
One of the most common types of fraudulent emails is a message asking recipients to verify or re-verify their accounts. You should be cautious of any such request - not just for New Paltz - but for any service you use such as banks, social media sites, or e-commerce sites.
-
The line at the bottom of the message shows: "© 2024 State University of New York All Rights Reserved.". For some reason, cybercriminals love putting copyright symbols at the bottoms of their emails. They think it makes their messages look more legitimate - but it also makes their emails stand out (as New Paltz emails never have copyright messages at the bottom).
-
The link itself is to a survey site (surveyheart.com). Never provide your password or any sort of sensitive information to a survey site.
-
The 'from' address the email was sent from, and the name listed at the bottom do not match. The name 'Ryan Cavitt' that was listed isn't a faculty, staff, or student at New Paltz.
