The Virginia Tech IT Security Office is tracking a sharp increase in ‘spear phishing’ emails impersonating people in leadership roles. In late 2019, people started receiving emails supposedly from Virginia Tech administrators asking them for a favor. Some have included false links or implied that the recipient has missed a meeting or deadline.

To illustrate, our IT Security Officer, Randy Marchany, sent himself an email from a spoofed account. In Gmail, it initially looks like this:

example of email sender and recipient with arrow pointing to triangle

screenshot of email sender and recipient with arrow pointing to triangle

Notice that the sender address says it came from “Randy Marchany.” However, if you click on the small triangle, you’ll see the complete email address of the sender.

screenshot of email sender and recipient information with blue arrow pointing at full sender's email address

The real sender’s email address is marchany.vt.edu@gmail.com which is not an official VT email address. Current phishing attempts affecting Virginia Tech often mimic a real VT employee’s name. If you see this format in an email that seems to come from someone you know, you can be sure it is false, and should report it.

The IT Security Office urges all Hokies to learn to recognize and report suspicious messages. Always be on the lookout for red flags in emails and phone calls. Common tactics used by cyber attackers include: 

  • Spoofing the identity of someone you know. If an email you get from a friend or colleague seems “off” in its tone or subject matter, it likely is. Check the email address for irregularities.
  • Creating a sense of urgency, making an offer that seems too good to be true, or using fear tactics.
  • A malicious attachment, or a link that asks you to provide login information.
  • Impersonating an official organization, such as Virginia Tech, the CDC, or IRS. Official organizations or government agencies will not demand personal information.

If you receive a suspicious email, report—don’t respond. Do NOT click on any links, open attachments, or reply to suspicious emails; instead, report them as phishing to your email provider. Virginia Tech students, faculty, and staff are asked to forward the email with its header information/message details to the Virginia Tech IT Security Office at itso@vt.edu and abuse@vt.edu. You may also wish to contact the apparent sender of a message directly to let them know that their identity is being spoofed. Community members should report suspicious websites to their organization’s IT department or help desk.

If you have questions about cybersecurity, please contact the IT Security Office at itso@vt.edu. For help with your technology needs, submit a 4Help ticket or call the 24-hour help desk at 540-231-4357.

Additional Resources