Phishing email reaches 2,000 students

Photo Courtesy of Illinois Technology Services

A student types on their laptop. Around 2000 Illinois students recently received a phishing email.

By Chieh Hsu, Staff Writer
February 10, 2021

Earlier last week, around 2,000 students received an email from a self-proclaimed Dr. Thalicia Melendez regarding a job offer that was too good to be true.

The fictional Dr. Melendez was offering a job with fictional extravagant payment in hope that students will provide their address, phone number and personal email address. The email also mentioned bank account information, but it is unclear if they were aiming for that data as well. 

Some students saw through this ploy. 

“The email talks too much about money,” said Nick Allen, freshman in LAS. “It doesn’t feel like they are requesting any other information other than the contact info. It doesn’t go too much into the tasks of the job either.”

The Cybersecurity Operations Center at the University has identified it as a phishing attempt. 

Get The Daily Illini in your inbox!

  • Catch the latest on University of Illinois news, sports, and more. Delivered every weekday.
  • Stay up to date on all things Illini sports. Delivered every Monday.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Thank you for subscribing!

“Phishing attempts happen every day,” said Jeremy Watson, manager of the Cybersecurity Operations Center for Technology Services. “They often contain a clickable link that takes the target to a fraudulent website that looks like a legitimate login page.” 

According to Watson, phishing campaigns happen after a University account becomes compromised. The ‘bad actors’ obtain the username and password of the account and use it to further compromise other accounts for other purposes. This can result in the loss of personal data or information.

“The University has many tools to detect and prevent fraudulent emails, but some make it through those initial barriers,” said Watson. “Bad actors play on people’s emotions, personal connections, and desires. And they might use familiar-looking but ultimately fake images or wordmarks, and many other tactics.”

According to Watson, students should report phishing messages and spam emails to [email protected]. Students are advised not to click on the links in those emails. To report compromised accounts, students should email [email protected]

For more information on phishing, students can visit https://techservices.illinois.edu/security/phishing and Training – Security Program (uillinois.edu) for cybersecurity training. 

[email protected]