Please be aware, we have seen an increase recently in suspicious emails sent to Gwinnett Tech students in an attempt to get students to reveal sensitive information.
Key Points:
- Check who sent the message, was it Gwinnett Tech?
- Don't tell scammers your password
- Don't tell scammers your MFA code
- Don't approve an MFA push you didn't request
scroll down for more information
What is phishing?
Phishing emails are deceptive messages that appear to be from legitimate sources, they may try to impersonate Gwinnett Tech or other trusted institutions, to get you to reveal your personal information, login credentials, or financial details. There has been an increase recently in phishing emails targeting Gwinnett Tech students.
Scammers want your password, don't tell them!
It seems obvious not to tell anyone your password, but scammers are getting sneaky in the ways they may try to get you to reveal it.
Some messages claim to be from Tech Support, student services, or other Gwinnett Tech departments. Some of the messages try to use an impressive sounding name with the title of Doctor claiming they work for the school. Don't be fooled.
These emails did not come from the school.
Never tell anyone your password or MFA verification code
No one from the school will ever ask you for your password or MFA verification code.
Any message that asks for this information is a scam.
Don't click yes on an MFA push notification you did not request.
This is an attempt to gain access to your account. Change your password and report it.
Check the sender, gmail? gwinnetttech.edu?
Gwinnett Tech will never send you messages from gmail or other free email
The easiest way to spot these messages is by looking at the sender.
Official messages from the school will be from a @gwinnetttech.edu address.
If a message claims to be from the school, but it is from a Gmail or other free email account, it is fake.
No one from the school will send official messages from a gmail account.
Is that a student account? Is it from Gwinnett Tech?
Sometimes the message may come from a compromised student account @student.gwinnetttech.edu. This is happening less often after recent security changes such as requiring the Okta verify app.
Scammers also sometimes use student accounts from other schools. Pay attention if you see one of those. Sometimes they may try to obscure this by changing the name. Anything other than a @gwinnetttech.edu address is fake.
What do phishing messages look like?
Some messages are blank message with an attention getting subject line but no text, the messages all contain a document. A link in the document takes students to an online form asking them to reveal information.
Fake Tech Support messages
Some messages will make claims your student email account is at risk of being shut down. These are scams
Gwinnett Tech will never send messages like these. Microsoft will never send messages like these.
They may have a form or a link from the message directly. They will say you must tell them your password so your account is not deleted.
Student Tech Support does not send out messages like this.
Fake Job Offer
The subject lines will vary making them sound like a job offer, some recent examples include:
IT'S NOTIFICATION
PROSPECTIVE TEMPORARY EMPLOYMENT
Internship Opportunity
Student Job Advising
Part Time Work
Act Now
Off-Campus Remote Job
The form link in the document makes it sound like a job application but it is all fake.
Do not open the link, do not fill out the form
These are all scam messages, check out the Phish Bowl
If you see a message like this, please report them. Forward the message to spammail@gwinnetttech.edu
See more examples of Email scams targeting Gwinnett Tech Students - Phish Bowl
If you receive a suspicious message, please report it
Reporting suspicious messages helps us purge these messages from the Gwinnett Tech student email system.
If you receive a suspicious email send it to spammail@gwinnetttech.edu so the message can be purged from the system.
We need to know the Subject, Sender, and Date of the message so we can purge the messages from the system. Please help us protect your fellow students and report these messages if you see them.
Report suspicious messages
Report suspicious message to spammail@gwinnetttech.edu
Do not open any attachments or click on any links in the suspicious message.
See more examples of Email scams targeting Gwinnett Tech Students - Phish Bowl
If you have questions please contact the Student Help Desk.
stuhelpdesk@gwinnetttech.edu | 678-226-6407 | Tech Support desk on campus, hours and location