Cecil Okotah
Cecil Okotah is an Information Associate at Engineering Career Services.
Steer Clear of Fraudulent Employment Scams
by Cecil Okotah | June 5, 2019
Even though you may not be on campus this summer, you are probably still checking your email every once in a while. Unfortunately, there have been occasions where Ohio State email accounts were compromised through a phishing attack and then used to send fraudulent emails to students and staff. We want all of our students to pay attention to these types of emails and use best judgment and discretion when reviewing emails from potential employers.
Below are excerpts from an actual fraudulent email sent from a compromised Ohio State student’s account. There are several things to look for when deciding if an email from an employer is legitimate or not. I will point out of a few of the red flags from this specific email below:
Includes poor grammar, spelling, punctuation, and misinformation.
“My name is (Ohio State Student Name) and I work with the HandShake, and my job is to provide part -time employments for qualified students during the academic year and beyond. I have contacted you because there is an opening for you at NYSDSC and below are the lines from your potential employer:”
- There is improper grammar throughout this email. However, one of the most obvious discrepancies is that the sender refers to “the HandShake”, but “Handshake” is the correct name. Note that Handshake team members will not reach out to students with job offers—companies will contact students.
Asks for personal information, such as logins, passwords, banking information or other sensitive info including asking you to reply from a personal email address instead of your Ohio State email address.
“To be considered for this position, Use your "alternate email (different from school email)" to contact your employer directly by sending an email With your details as follow:”
- This email appears to be from a student employee at the university, yet, there is a different email domain when you hover your mouse over the sender’s email address. (Try this sometime when you are leery of an email you receive that appears to be from a legitimate domain!) In addition, the sender specifically requests that you reply with a non-Ohio State email.
Offers payments in advance and/ or requests to send mail to your residence or nearby post office.
“Payments for your task and purchases of supplies on my half will be paid in advance. Upon your acceptance, my personal letters and mails will be forwarded to your residence or nearby post office for you to pick up at your convenience.”
- In this case, the sender is offering prepayment and asking you to accept and ship mail on their behalf. This could not only be an attempt to steal your banking information, but could potentially be a money-laundering scam or reshipping fraud.
The goal of the sender is to entice you to fall for the scam. If you feel that you have been sent a phishing or malicious email, do not respond or click any links and forward the email to Ohio State’s Office of the Chief Information Officer at for phishing or abuse@osu.edu for spam/malicious emails. Notify Engineering Career Services at eng-ecs@osu.edu if you receive suspicious employment offers.
“If you keep your eyes open enough, oh, the stuff you will learn.” – Dr. Seuss
About the author