Fraudulent district email phishes for Mesa students and staff

The+phishing+scam%2C+which+took+place+with+a+fake+district+email+account%2C+affected+both+students+and+staff.

Abel Uribe / Chicago Tribune

The phishing scam, which took place with a fake district email account, affected both students and staff.

Walker Armstrong, News Editor

An email phishing scam, perpetrated by an individual equipped with a district email account, affected thousands of Mesa students, faculty, and staff in the months of January and February, according to Acting SDCCD Information Technology Director Don Bertram.

The fraudulent district email account, dparvini@sdccd.edu, posing as the nephew of a new professor, sent out a number of propositions to other district email users under the guise of looking for a “dog sitter,” according to the email. The district email user then provided his false uncle’s Gmail, instructing the recipients to contact him directly “along with [their] name and phone number” and request “job details,” according to the email. 

“Due to a compromised email account within the SDCCD domain sending out thousands of spam messages,” Bertram wrote in a statement on Feb. 8, “email from SDCCD is temporarily being deferred at Microsoft, Yahoo, and Hotmail mail host. SDCCD IT is working with Microsoft, Yahoo, and Hotmail to get this deferral lifted.”

A deferral is when the recipient’s email server is refusing to receive emails for an indefinite amount of time, which, according to Bertram, was a measure enacted by the email servers as an attempt to “greylist” the district and student email users affected by this phishing scam and other related spam. 

“Greylisting is a method of defending email users against spam,” Bertram said. “A mail transfer agent…using greylisting will temporarily reject any email from a sender it does not recognize.”

According to a series of text messages and emails sent to a Mesa student, the fraudulent “uncle” went by the name Anthony Rodney. This individual claimed they were a professor on a “contract basis” and were “relocating to [their] neighborhood from Canada” looking for a dog sitter for his “11-month-old Maltese pup.” Moreover, the individual claimed to have recently undergone “ear surgery” and, therefore, would only be able to communicate via email and text. 

“Hence, I’m reviewing your application personally and I’ll let you know my decision immediately,” the fraudulent email wrote to the recipient. “In the meantime please fill up the questionnaire below for immediate processing of your details.”

The questionnaire mentioned, requested the recipient’s full name, address, city, state, zip code, cell phone number, and “best time to reach you.” 

The proposition also mentioned that the “dog sitter” would have to stay at a hotel. “I have instructed my office to check conducive hotels around your cross-street,” the email said, “when I have the reservation details on my desk I will furnish you with the booking information so you would know where we shall be staying.”

At this time, there is no information on who this individual is or if they were acting alone. 

However, as of Feb. 10, the deferral was lifted. “Emails from the SDCCD.edu mail system are being delivered successfully,” Bertram said, “and [we] do not show any indications that we are being greylisted at any external mail systems.”