Recently, a new extortion scam has been reported to the Penn State Office of Information Security (OIS). The scam is personalized and targeted, containing a valid password previously used by the user. The password may not be current; sometimes the password is years old and may have been harvested from a compromised external website. However, as these types of scams grow in popularity, scammers could use newly compromised credentials.
- Do not respond to scam messages, click on any phishing or scam links, or open any attachments from unexpected sources
- Do not use the same password across multiple sites
- Do promptly change any passwords that have been compromised
For the latest phishing alerts, or to report a new alert, please visit: https://phishing.psu.edu.