Betaalkaart Stefan Phillips
Betaalkaart Stefan Phillips

Can you help me out? Phishing emails in circulation

News item

The president of a student council, your lecturer or supervisor sends you an e-mail asking if you can help and quickly buy something. Helpful as you are, you quickly respond. But beware! There are phishing emails (CEO fraud) in circulation that are almost indistinguishable from the real thing. You will find examples at the bottom of this post.

Especially around exam periods, there are more phishing emails of this nature. So despite exam stress, stay alert to strange requests.

In addition to all the usual things you recognise phishing emails, these include specific characteristics

  • The email was sent in the name of a student council president, lecturer or executive.
  • The email has been sent from a gmail address with the word ‘executive’ in it. Examples: executiveofficer3784 [at] gmail.com and oexecutive688 [at] gmail.com (see image).
  • It is supposedly a surprise for the team or it is confidential. You are asked to keep the request secret.
  • Your phone number is requested to continue appending on WhatsApp.
  • The profile picture on WhatsApp of the ‘so-called sender’ corresponds with the name , but is copied from LinkedIn.
  • If you are contacted via WhatsApp, you are asked to purchase gift cards or something else.

This form of phishing (CEO fraud) is hard to spot. Fortunately, as far as we known, all recipients recognised the phishing or followed their gut feeling.

These tips will help you spot suspicious emails, apps or text messages

  • Do not respond to private email addresses or a phone number you cannot check.
  • Student council members never email from their private email, but always from their student Radboud email address.
  • Only respond to requests from people you know. In doubt? Then contact that person in the manner you usually do.
  • Use existing procedures if you are asked to purchase something.
  • Scammers use time pressure/emergency, play on your trust and pretend to know you.
  • The e-mail contains a warning in the grey bar (You do not often receive e-mail from ...). Take this warning seriously.

Report

Do you receive such an e-mail? Report it using the ‘report button’ in Outlook. This will cause the university's phishing filter to recognise the emails and automatically stop them.

You can also contact the ICT Helpdesk (024-36 22222) or the Information Security contact person of your faculty or division. They will help you with the necessary follow-up actions, also if e-mails were sent on your behalf. After all, your report may prevent someone else from becoming a victim of scams. 

Examples

voorbeeld van een phishingmail
Voorbeeld whatsapp phishing

For privacy reasons, names have been blocked. These are names of people at the university who have been abused.

The image above is an example of a phishing email.  Among other things, you can see from the e-mail address that it is ‘strange’.

The second example is an image where, after the initial email contact, people proceeded via App to communicate further.

Contact information

Organizational unit
Information & Library Services

See other news

Suspicious emails or ‘phishing’

If you receive an email from an unknown sender asking you to share information, be alert. It could be phishing; this is an attempt to defraud by way of a digital scam.

VPN: off-campus access to systems

VPN provides secure internet access, especially when you are using a public internet connection. VPN also provides access to all of the university’s systems.