Skip to main content

Beware New Email Phishing Scam Targeting University Employees

A new phishing scam is trying to get clicks in Boise State University emails. Some users have reported receiving an email, which looks like it’s coming from a supervisor, that is trying to solicit a conversation/reply email.

Here is a sample of the message:

Date: December 05, 2018 at 9:37:12 AM MST
To: [Your email]

Are you available?


While this email doesn’t have any malicious attachments, it is using social engineering to get a response email from an unsuspecting user. However, the sender is not using the correct email as most do not come from a domain.

Once this type of scam has been interacted with, the scammer usually makes up an excuse about being in a meeting and wants the recipient to do an important favor as soon as possible. The favor the scammer wants is for the recipient to purchase iTunes gift cards, scratch off the pin numbers and send them back a picture of the cards and pin.

Tips to avoid becoming the victim of a scam:

Always double check the sender’s email address. Many times scammers will use a similar name or try and add “Boise State” in the address to trick users. It is important to examine what comes after the “@” symbol – otherwise known as the domain. Domains listed with,, or are not university emails and users should exercise cautions before responding to these emails.

If using a mobile device, sometimes the full email address does not show automatically. You can check the address by clicking on “view details.” This is usually located at the top of the email and displays the sender, recipient and date information. All mobile devices and mail applications are different, so it’s best to confirm with your manufacturer and/or app on the best way to view details.

If you are unsure about an email, contact the Help Desk at (208) 426-4357, email at, or chat online.