HKCert
Security Blog

Beware of "Are you available?" phishing scam email

Release Date: 25 / 02 / 2020
Last Update: 25 / 02 / 2020

HKCERT has recently noticed that some students from local universities have received a phishing scam email with the subject "Are you available?". The scammer impersonated a professor or university executive and sought urgent help and a reply from the recipients. Once the conversation started, the scammer would carry out a money scam, such as asking for a gift card.

These impersonation emails are a type of social engineering attack: users are led to believe that the message was sent by a trusted party. In this incident, the emails carried a professor's signature but were actually sent from addresses at free email service providers (such as gmail.com, yahoo.com) instead of the university's email account. Since the emails do not contain any malicious attachments or links, they were not likely to be detected and filtered by the email gateway. However, recipients could spot the deception by checking the sender address carefully.

This type of scam email can be traced back to 2018 in other regions, but recently we noted a rising trend of such emails targeting local universities. Hence, HKCERT urges the public to stay vigilant to prevent pecuniary loss.

The sample scam email is as follows:

What should you do if you receive a suspicious email?

  1. Always check whether the sender's email address matches the person the email claims to be from;
  2. Delete the email;
  3. Beware of any email requesting money transfers or financial assistance; and
  4. Report the case to your IT department immediately.
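
The sender check in step 1 can be partly automated in a mail-triage script. The following is an added example, not HKCERT's code: it flags messages whose display name or signature carries a staff name while the address lies outside the organisation. The domain `university.example`, the staff name and the sample messages are constructed assumptions.

```python
import re
from email import message_from_string, policy

# Assumptions, not from the advisory: org domain and staff name are placeholders.
ORG_DOMAINS = {"university.example"}
FREE_MAIL = {"gmail.com", "yahoo.com"}   # providers named in the advisory
STAFF_NAMES = {"chan tai man"}           # constructed directory entry
LURE_SUBJECTS = {"are you available"}    # advisory's subject, normalised

def norm(text):
    """Lower-case and collapse punctuation so names and subjects compare loosely."""
    return re.sub(r"[^a-z0-9]+", " ", text.lower()).strip()

def sender_findings(raw):
    """Return the reasons a raw RFC 5322 message looks like staff impersonation."""
    msg = message_from_string(raw, policy=policy.default)
    from_hdr = msg["From"]
    addrs = from_hdr.addresses if from_hdr is not None else ()
    display = addrs[0].display_name if addrs else ""
    domain = (addrs[0].domain or "").lower() if addrs else ""
    part = msg.get_body(preferencelist=("plain",))
    body = part.get_content() if part is not None else ""

    external = domain not in ORG_DOMAINS
    findings = []
    if external and any(n in norm(display) for n in STAFF_NAMES):
        findings.append("display-name-staff-external")
    if external and any(n in norm(body) for n in STAFF_NAMES):
        findings.append("signature-staff-external")
    if domain in FREE_MAIL:
        findings.append("free-mail-sender")
    if norm(msg.get("Subject", "")) in LURE_SUBJECTS:
        findings.append("lure-subject")
    return findings

# Constructed sample messages (not taken from the advisory).
SPOOFED = (
    'From: "Prof. Chan Tai Man" <office.sample@gmail.com>\n'
    "Subject: Are you available?\n\n"
    "I need a favour urgently. Reply as soon as you see this.\n\n"
    "Prof. Chan Tai Man\n"
)
GENUINE = (
    'From: "Prof. Chan Tai Man" <tmchan@university.example>\n'
    "Subject: Tutorial schedule\n\nSee you on Monday.\n\nProf. Chan Tai Man\n"
)

if __name__ == "__main__":
    print(sender_findings(SPOOFED), sender_findings(GENUINE))
```

The findings are triage signals suited to a warning banner or a review queue; a staff member writing from a personal account would trigger the same checks.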

Related Security Alerts:

  1. Local universities

    https://www.itsc.cuhk.edu.hk/newsdetails/phishing-alert-are-you-available/

    https://itsc.ust.hk/services/cyber-security/phishing/phishing-samples/#20190912

    https://www.cityu.edu.hk/csc/deptweb/support/faq/email/phishing/phishing143.htm

  2. Overseas universities

    https://www.boisestate.edu/oit/2019/01/30/are-you-available-email-phishing-scam/

    https://support.rowan.edu/sp?id=kb_article_view&sys_kb_id=9c2fe8a8db292b4883847bec0f9619b3