“Hey, can you do me a quick favor?” sounds innocent, right? But if that message came from your manager… at a weird hour… and on WhatsApp instead of a university Teams or email account… it’s probably not really them at all.
Scammers are getting smarter and now they’re posing as coworkers, managers, or departments like HR and IT. They use third party chat apps like WhatsApp to evade detection because our security controls cannot see and cannot protect them. There are often no sketchy links, just a casual conversation hook meant to entice you to reply and if you do, they will try to trick you into handing over sensitive info or doing something that you shouldn’t.
Check out this real (redacted) WhatsApp message that was received by a manager at UFV:
All the red flags are here: WhatsApp instead of UFV email? Check. Received at a weird hour (3:51am)? Check. Vague request and enticing a reply? Check.
If you receive a message on WhatsApp claiming to be a colleague, manager, or department at UFV, you should treat it with caution. Do not reply to the message. If you want to speak to the person the message claims to be from, it’s a good idea to contact this person through a verified method such as their UFV email address, Teams, or UFV extension.
If you receive a similar message, please contact cybersecurity@ufv.ca or fill out the report a Cybersecurity Concern form.
Comments are closed.