Phishing attempts promising job opportunities are circulating through Georgetown University’s email system, according to the university’s Chief Information Officer Judd Nicholson in a systemwide message Sept. 22.
In many of the phishing emails, scammers posing as administrators offer students fraudulent university employment. In his message, Nicholson urged students to ignore the emails and not interact with them in any way.
“This email is not a legitimate job opportunity, as official university student employment opportunities are not advertised in this manner,” Nicholson wrote in the systemwide email. “The scammer will try to induce you into spending thousands of dollars on equipment claiming that Georgetown will reimburse you.”
Phishing emails pose the greatest cybersecurity threat to any organization, so the university has added more training and controls to minimize student risk, according to Nicholson.
“To mitigate this increase in exposure, we have implemented additional technical controls,” Nicholson wrote in an email to The Hoya. “We have stepped up our training in this area and it will be a focal point for our Cyber Awareness Month campaign in October.”
Nicholson also noted that students should take care with their personal use of Zoom, Teams, Google Meet and other call services. Sharing passwords or Zoom IDs can undermine the security of these services.
The recent phishing scams are not the first to target Georgetown students seeking employment, according to Eric Bazail-Eimil (SFS ’23), who nearly fell victim to a similar scam last fall.
“I almost got duped by the one that came out at the beginning of last year,” Bazail-Eimil said in a Zoom interview with The Hoya. “It was saying, ‘You know there’s this job offer with Nestlé, and it’s gonna pay you $15 an hour.’”
A few days after responding to the email, Bazail-Eimil received a check for $2,600. He then brought the check to the Georgetown University Alumni and Student Federal Credit Union, who verified that the check was fraudulent.
After noticing an uptick in fake check schemes earlier this year, GUASFCU shared an email with its customers explaining what to look for in email scams.
“The pitch will be believable, and will often relate to an advance on a sweepstakes, or payments for the first installment of future amounts received for agreeing to have money in a foreign country transferred to your bank account for safekeeping,” the email read. “The checks are fake, but they look real. Some are phony cashier’s checks, others look like they’re from legitimate businesses.”
Students should be vigilant, but if they do fall victim to phishing, they should immediately reach out to their bank, according to GUASFCU’s Chief Operating Officer Erika Kissel (MSB ’21).
“If you have given away personal banking information to a phishing scam, contacting your bank is the best course of action,” Kissel wrote in an email to The Hoya. “At GUASFCU, we have had members report a potential fraudulent check to us proactively and thus did not charge a fee when the check eventually bounced. If you have given out banking information, closing your original account and opening a new one is oftentimes the best way to avoid fraudulent activity.”
Despite the support GUASFCU offers, the university should be doing more to raise awareness about the potential for phishing and scams for students, according to Bazail-Eimil.
“Every year, these always happen. And they literally did nothing to warn us. This is the first time I’ve ever received an email saying, ‘warning.’ Georgetown needs to do a much better job protecting its students from these things.”