dennislewisr856@gmail.com

JOB ASSISTANT.pdf

ASSISTANCE ADMINISTRATIVE Dear Students.. Work at your convenience and earn $450 weekly. It's a Flexible part-time job. All the tasks are work from home and on campus, a job where you don't need to travel somewhere, and you don't need to have a car to get started. Please find the position and some basic information below.

Type Position:(REMOTELY) Part-Time Job Position (REMOTELY) During this time!!! Working from home would be great. Therefore, you have been offered a campus Administrative job Executive assistant for a data entry Job. This is a DATA ENTRY position, and no skills are required as you will be trained for the position Opportunity at the convenience of your home or dom, This will not affect your study...

Position:Executive Assistant/Bookkeeper For Students(REMOTELY)!!! 2-3 days a week

Pay Rate:$450 weekly Hours: Average of 3-7 hrs weekly Part- Time:Administrative Assistant For Student to Work Part -time(REMOTELY).

If interested, send your Full Name, Persoanal Email, Phone Number, Home Address, Age, Bank Name for review and interview to: hillr4528@gmail.com Application will be received, and you will get a response between 2- 24 Hours. Job Placement & Student Services Best Regards... Thanks For your Time...

• Sender: External Sender
• Links: There are no links. However, the message asks you to reach out to an external email address with an alternative email to prevent it from being caught as junk and phishing. 
• Attachments: PDF containing external email to contact.
• Message: The message uses a social engineering tactic where there is an offer of employment that seems too good to be true.

seanlance84@gmail.com

Dear Students (1) (2).pdf

PDF:

ASSISTANCE ADMINISTRATIVE

An administrative assistant to perform various administrative tasks like making or receiving payment and sending gifts, keeping record and processing paperwork, when necessary, with a good weekly pay is needed, please find the position and some basic information below CLICK HERE

Position: Personal Assistant Type: Part-Time Job Pay:$450 weekly Hours: Average of 10 hrs weekly This position will be home-based and it's a flexible part time job, you can be working from home, School, or any location Job

Placement & Student Services

• Sender: External Sender
• Links: h[x[x}ps://docs[.]google[.]com/forms/d/1T_NtJvBMCYUHp6jvmqYger0vnnvYp5WrWSXdynHWBq0/viewform
• Attachments: PDF containing message and google docs link.
• Message: The message uses a social engineering tactic where there is an offer of employment that seems too good to be true.

adh2az@elearnmail.mtsu.edu

UNICEF EMPLOYMENT OPPORTUNITIES

I am sharing job opportunity information to students and staff who might be interested in a paid UNICEF Part-Time job with a weekly paid job of $500 USD that is currently available.  

If interested, Kindly contact Dr. Nicholas Hoffman via dr.nicholashoffman80[@]gmail.com with your alternate non-educational email address I.e., Gmail, Yahoo, Hotmail etc.) for details of employment .

N.B, this is strictly a work from home position.

Sign,
Academic Career Opportunity
 

• Sender: External Sender
• Links: There are no links. However, the message asks you to reach out to an external email address with an alternative email to prevent it from being caught as junk and phishing. 
• Attachments: Attachment contains the message and alternate contact information.
• Message: The message uses a social engineering tactic where there is an offer of employment that seems too good to be true.

Hello Applicant ,

This position will be a home-based and flexible part time job, you can be working from home, School or any location.

About Job: It's a home base job that can be done anywhere either at home or campus which does not disturb any other of your school or work schedule, you can determine your working hour, just 2 hour a day $500 weekly and allowance would be added if all task is done diligently .

Kindly send your Full name and Age to <ericjordan1804@gmail[.]com> to show interest or send a text to  ‪<(929)[]445[-]2038>

Do not forget to send your Full name and Age to  (ericjordan1804@gmail[.]com) using only your alternative email address.

DO NOT FORGET TO TO SEND YOUR FULL NAME AND AGE TO (ericjordan1804@gmail[.]com) USING ONLY YOUR ALTERNATIVE EMAIL ADDRESS .

Regards
 

• Sender: No signature, Tulane Account
• Links: There are no links. However, the message asks you to reach out to an external email address with an alternative email to prevent it from being caught as junk and phishing. 
• Attachments: There are no attachments.
• Message: The message uses a social engineering tactic where there is an offer of employment that seems too good to be true.

Mon

January 30, 2023

Dear Student/Faculty/Staff, 

One of our staff, Mrs.Hailey Macdonald downsizing and looking to give away her late dad's piano to a loving home. The Piano is a 2014 Yamaha Baby Grand used like new. I will not be checking this email often; you can write her to indicate your interest on her private email HaileyMacdonald11@outlook[.]com  to arrange inspection and delivery with a moving company. Please write Mrs.Hailey Macdonald via your  email for a swift response.

Best regards.

Anissa Lawton
Academic Coordinator
 

• Sender: External Sender.
   
• Link: There are no links on this email. However the email asks you to contact another external email linked in the body of the message.
   
• Attachment: none 
   
• Message: The message instructs you to reach out to another external email to claim a free expensive item. 

A DOCUMENT HAS BEEN
RECEIVED FROM +61396002819
Reference #: +61396002818
Result Code: SUCCESS

Pages: 2

Click the attachment below to view document.

PREVIEW ONLINE

• Sender: External Sender. 
   
• Link: When you hover over the link, it goes to a random site. The site then asks for your username and password. 
   
• Attachment: None
   
• Message: The message instructs you to preview a document. This redirects you to a site that asks for your username and password.

Artifacts

Email Body:

Credential Harvest:

Tulane User Account
<anyuser@tulane.edu>

Our records indicate that your Office-365 has two different logins with two universities portals. Kindly indicate the two info logins as soon as possible. To avoid termination within 48hrs and to prevent loss of all emails associated with your account, we expect you to strictly adhere and address it.

We will process your request shortly.

If you have only one college account, fill in the correct user and password and submit but if you are in a dual credit college fill in the correct username and password for both schools and submit. If you have no knowledge about the request process, kindly update to cancel the request below.

Cancel The Request [linked to http[]//talksforonline[.]click]

Thank You.

©Microsoft 2022

• Sender: IT notices should only come from IT related mailboxes. 
   
• Link: When you hover over the link, it goes to a random site. The site then asks for your username and password. 
   
• Attachment: None
   
• Message: The email is a scare tactic meant to trick you to action through a sense of urgency. Also, the message has several spelling/grammar issues.

Tulane User Account
<anyuser@tulane.edu>

Tulane University ( Final Notifications )

October 30, 2022

Our records indicated that your Office365 has two different logins with different 'University/College' portals. Kindly indicate the different login as soon as possible. To avoid termination within 24hrs, you are expected to strictly adhere and address it.

Failure to follow instructions would result in you losing your email account.

If you have only one college account, fill in the correct user and pass-code then submit. You are required to fill in the correct username and password for both schools before submission.

If you have no knowledge about the request process, kindly update to cancel the request below. CLICK HERE [phishing link]

IT Help-desk 

Copyright-Tulane University

• Sender: The sender’s name does not match the signature of the email.

• Link: When you hover over the link, a Google Drive URL appears- a common method for hiding malicious items inside documents and files.

• Attachment: None

• Message: uses a sense of urgency to prompt action. Requests your login in credentials (user/passcode) The signature looks odd compared to standard emails. Emails that have copyright-Tulane University in the signature are phishy. Check for spelling/grammar.

[Office 365 logo]

Hello John,

Your john@tulane.edu Password expires today

You can continue using your current password below.

Keep Current Password [link]

[tuIane.edu Notification]

• Sender: Not Tulane.edu. Tulane.com is not a Tulane site.

• Link: Goes to fake Microsoft login page.

• Attachment: none

• Message: The message uses a sense of urgency to try to prompt action. Make sure you check the link and recognize the sender before clicking the link.

MailReport_Notification <notifications@employerondemand.com>

Your Storage Has Exceeded Its Limit

You have less than 3% of your undergrad.admission@tulane.edu storage capacity left and 5 pending messages. You are required to manage your storage to prevent mail malfunctioning.

Clear Some Space [linked button]

Notice: Action is required before August 12, 2022

Account Information: User: undergrad.admission@tulane.edu; Doman: tulane.edu

• Sender: External/ third-party

• Link: an unrelated site

• Attachment: none

• Message: uses a sense of urgency to try to prompt action. Internal communications should come from Tulane.edu emails.

Tulane User Account <directorexecutive621@gmail.com>

Request?

August 10, 2022

Hi, I am currently out of the office with limited phone accessibility Can you please step out to make a request for me

Thanks

Tulane Employee

• Sender: External

• Link: none

• Attachment: none

• Message: uses a sense of urgency to prompt action. Malicious links or attachments usually come through in subsequent emails when you respond.

Flipsnack
<noreply@flipsnack.com>

[Flipsnack logo inside a dialogue attachment box]

Your online payroll information has been updated.

Read more on the shared document.

[clickable links]

• Sender: External

• Link: an unrelated site.

• Attachment: none

• Message: Payroll information requests will never come from an unofficial third party. These will come from an official Tulane service, clearly marked Tulane.

Tulane User Account
<tmart@wavetulane.onmicrosoft.com>

Your Approval is Required

July 20, 2022

[DocuSign logo and dialogue attachment box]

Tulane User Name, sent you a document to review and sign.

Review Document [linked button]

• Sender: External

• Link: Fake Docusign Link. If you hover over the link you will see it does not go to docusign.com.

• Attachment: none

• Message: Docusign requests are tricky because they may be legit, or they may not be. Make sure you check the link and recognize the sender before clicking the link.

Administrative Notification <sgoncalves@psi.uminho.pt>

New Payroll Update for <labarchives@tulane.edu>

July 12, 2022

[External Sender. Be aware of links, attachments and requests.]

[Tulane University logo]

Recipient: labarchives@tulane.edu

2 New Notification Regarding Your 2022 Payroll

[phishing link]

• Sender: External

• Link: an unrelated site.

• Attachment: none

• Message: Payroll information requests will never come from an unofficial third party. These will come from an official Tulane service, clearly marked Tulane.

Kaulana Gould
<no-reply@sharepointonline.com>

Kaulana Gould Shares "Tulane Review Session July 2022" with you

July 12, 2022

[Microsoft dialogue attachment box]

Kaulana Gould shared a file with you from Sharepoint.

FWD: President Michael Fitts shared a file with you using one drive.

[clickable links]

• Sender: External/third party. Do you recognize the sender?

• Link: OneDrive and Sharepoint links are tricky because attackers can use them to hide malicious links. Hover over the link to check it before clicking.

• Attachment: none

• Message: Were you expecting a OneDrive or Sharepoint request? 

Tulane User Account
<richarddalton314@gmail.com>

Donation

June 13, 2022

[External Sender. Be aware of links, attachments and requests.]

My name is Rick Hill. My grandparents were graduates of Tulane and they have both passed and they had a large collection of antique medical instruments, gurneys, wheelchairs, etc. in addition to this are several pictures, yearbooks and diplomas from Tulane and charity hospital of New Orleans. I was hoping to donate these items if you are interested in having them. –

Sent from Gmail Mobile

• Sender: External

• Link: none

• Attachment: none

• Message: uses a sense of charity to prompt action. There is no link or attachment, those usually come through in a subsequent email. It is important to verify the user is who they say they are.

Tulane User Account
<username@tulane.edu>

Memo From HR Dept.

June 8, 2022

Greetings,

You have a message from the  Hr department

Click here to view the message.

Office 769-300-621 | Fax 612-222-9835

Copyright 2022 TULANE EDU All rights reserved

• Sender: External

• Link: a site not related to Tulane.

• Attachment: none

• Message: HR information requests will never come from an unofficial third party. These will come from an official Tulane service, clearly marked Tulane.

Tulane User Account
[tdempsey1@tulane.edu]

TU Reminder! NOTICE!!

June 5, 2022

[Tulane University logo]

HELLO THERE

I JUST SHARED AN IMPORTANT TU DOCUMENT WITH YOU. DOCUMENT CONTAINS INFORMATION THAT ARE OF EXTREME IMPORTANCE TO YOU AND EVERY OTHER TU STUDENT AND YOU ARE ADVICED TO HAVE AN URGENT VIEW AT THIS SHARED DOCUMENT ASAP.

CLICK HERE TO VIEW THE SHARED DOCUMENT [clickable link]

[Tulane University logo]

• Sender: External

• Link: May or may not be a OneDrive link. Attackers can use Onedrive as well.

• Attachment: none

• Message: Onedrive links are tricky because they may be legit, or they may not be. Make sure you check the link and recognize the sender before clicking the link. Check for spelling and grammar errors. Finally, how often does someone send an email written in all caps? 

Tulane User Account
<kimnettybetty@gmail.com>

Task

June 1, 2022

[External Sender. Be aware of links, attachments and requests.]

Jenifer,

Please respond with your cell number; I have an assignment that needs to be completed real quick, and I’ll be texting you after. Thanks in advance

Tulane Employee Name

• Sender: External

• Link: none

• Attachment: none

• Message: uses a sense of urgency to try to prompt action. There is no link or attachment, those usually come through in subsequent email or text.

Tulane User Account
<username@tulane.edu>

IT Services Communications Team

May 25, 2022

[dialogue box with links]

You have a message from the Human Resources Department.

Review Document [linked button]

HR Department

Office (518) 542-2716 | Fax 612-222-9835

Copyright 2021 PCT. All Rights Reserved

• Sender: External/third pary 

• Link: a site not related to Tulane.

• Attachment: none

• Message: HR requests will never come from an unofficial third party. They will only come from an official Tulane service, clearly marked Tulane.

Noor Makan
<echosign@echosign.com>

Signature requested on "WEAICOR HIPAA"

May 19, 2022

[Tulane University powered by Adobe Acrobat Sign logo inside a dialogue attachment box]

Noor Makan requests your signature on WEAICOR HIPAA [clickable link]

Please review and complete WEAICOR HIPAA. After you sign WEAICOR HIPAA, all parties will receive a final PDF copy email. 

• Sender: External

• Link: Fake Echosign link. Hover over the link to see it does not go to Echosign.com.

• Attachment: none

• Message: Echosign requests are tricky because they may be legit, or they may not be. Make sure you check the link and recognize the sender before clicking the link.

Tulane User Account [matilto:tulaneusername@gmail.com]

RENEWAL PLAN SUMMARY

March 24, 2022

Dear Customer,

Your Plan is renewed.

The Charged amount will be reflected within the next 24 to 48 hours on your account statement.

If you wish to claim a REFUND then kindly Contact our Billing Department as soon as possible.

You Can Reach Us On: +1(818­–477–4181)

Thanks & Regards

Billing Department Norton

• Sender: Not Norton Lifelock

• Link: an unrelated site.

• Attachment: none

• Message: Purchase scams like this are common. They want to trick you into thinking that your "account" will be charged. Unexpected messages like these should be treated as suspicious. Reach out directly to the company through their website without clicking on a link in the email.