Email Extortion Scam

In recent weeks, members of the Dartmouth community have been receive emails which attempts to extort money from the recipient. Do not reply to the scammer, do not pay them; just delete the message.  

Additional frequently asked questions about this are below:

Why am I seeing my password in this email? Was my account hacked?

  • This is a known scam that purports to have compromised your account and threatens to divulge private information or video to your contact list. We have not seen any evidence of actual compromised Dartmouth accounts in our investigations to date.
  • You are most likely seeing this email because your username and password were a part of a compromise of an external, non-Dartmouth site that you signed up for using your Dartmouth email address.
  • These messages are currently being automatically flagged as Spam and Phishing and being placed in users' Junk email folder.

What should I be concerned about? What do I need to do about this?

  • If the password is your current Dartmouth account password, please call the ITC Service Desk at 603-646-2999 as soon as possible to report the issue and get help changing your password.
  • If you recognize the password, your password should be changed at any site or sites where it was in use, especially if this is the password that is currently in use.
  • Do not reuse passwords. Create a unique password for every site you sign up for. This limits the ability of a single password compromise from impacting multiple sites.
  • Use a password manager to generate and store these passwords.
  • If the message is found in your Inbox, and not in the Junk folder, report the message as Junk or Phishing via Outlook on the Web or an Outlook client using the "Report Message" tool or send a copy of the original message including the headers to the Helpdesk. This action helps identify these messages and improve detection of similar messages in the future.

How is Dartmouth protecting my account?

  • Dartmouth is providing Email protection through Microsoft Office 365 and Advanced Threat Protection for current Student, Faculty and Staff mailboxes. This service provides Spam and Malware filtering that removes malicious attachments and places Spam in the junk mail folder.
  • We regularly review our usage of Microsoft's constantly evolving tools to identify more effective detection and controls to combat this type of email.

What if I am forwarding my email?

  • If you are forwarding your email out of our supported email environment to another email provider, Dartmouth cannot guarantee the behavior of the email system receiving these messages. You will need to configure your Spam and Malware with your chosen email provider.

Details

Article ID: 66007
Created
Thu 10/25/18 10:07 AM
Modified
Fri 8/30/19 1:46 PM