Cybercriminals are targeting NC State email addresses with an email and PDF attachment that claims they have video of the individual engaging in embarrassing or inappropriate activity. They then threaten to release the video unless payment is sent. The email includes personal information, such as the individual’s phone number, home address and even images of their home.

While it can be alarming to receive this kind of message, this information is often publicly available and used to scare you into sending money. Don’t fall for it!

Protect yourself and the university by following these three steps.

1. Be Suspicious

• Assume that any threat or request for money is a scam. Do not respond or send payment.
• Be wary of anyone asking for your contact, financial or login information.
• Always verify the email sender’s address, even if it seems familiar.

2. Take Your Time

• Think before you open an attachment, click a link, provide your username and password, or approve a Duo Security notification.
• Carefully examine all URLs before clicking them.
• Slow down and keep an eye out for an unusual sense of urgency, awkward wording and misspellings.

3. Ask for Help

• If you’re worried you’re being targeted by a scam, contact the NC State Help Desk via the NC State IT Service Portal or call 919.515.HELP (4357).
• You can also report suspicious emails to phishing@ncsu.edu or via Google’s built-in reporting feature. Open the suspicious email on a computer, click the More option (three vertical dots) at the top-right corner and select Report phishing.

Learn more about phishing at NC State at go.ncsu.edu/phishing, and watch this video from Chancellor Randy Woodson on phishing. For monthly tips to help you stay safe online, subscribe to OIT News.