Hiring Scams: Exploiting Reward-Seeking Behavior

Phishing Scams: Can You Spot Them Like Scrappy?

Scrappy in a winner pose.

Scrappy is on the case! Join him as he cracks the code of phishing scams. We'll uncover sneaky tricks scammers use in their emails, so you can become a whiz at identifying them and protecting yourself from online fraud.

Get ready to . . . 

  • Read real-world examples: Scrappy will show you suspicious emails and challenge you to spot the red flags.
  • Think like a detective: Use your critical thinking skills to identify clues that something's fishy.
  • Become a reporting hero! You will learn when to report an email and keep everyone safe online.

    Be like Scrappy: Always report suspicious emails! Remember: Spot. Stop. Report.

Example 1:









In reference to the above subject, the above institution would be hiring students this week as Interns for a remote position.
The aim of this position is to help struggling students cover expenses incurred here on cmapus.
Tasks can be carried out at leisure, taking at most 1 per day, 7 hours a week
with a weekly pay of $350 as compensation for services rendered.
It is a Flexibile Opportunity where you will determine your working time. Since this is 
a 'Remote' Position, taks can be carried out from home or on campus. Interested
students, Kindly Contact PRofessor THOMAS DECARLO via email on tdecarlo1@outlook.com stating your full name, email, department, student ID or net ID, alternative email and year of study 
regarding the job description and further applicaiton
Please Note: Slots are Limited and Consideration will be given on a first come first served basis

Best regards.


Spot. Stop. Report.

    1. The email is marked as external but the sender claims to be from KSU.
    2. The subject line has a typo and is written in all caps; both are unlikely to happen if written by professionals.
    3. There is no signature.
    4. The job offer never mentions what kind of tasks you would perform.
    5. For an unspecified task, you are offered $50 an hour! This is just to good to be true.
    6. You are asked to share sensitive information that, if known, would make it easy for someone to steal your identity.
    7. You are urged to respond quickly because slots are limited.
    1. Spot: Notice the signs described above.
    2. Stop: Do not respond to the email. If you are unsure whether an offer is legitimate, see if you can find any information about the people mentioned in the email. Is Thomas Decarlo teaching at KSU? If he is, you can reach out to him directly and inquire if this is a legitimate offer.
    3. Report: Use the Phish Alert button to report the email to UITS. (If it is legitimate, you will be notified that you can safely proceed with any requests.)

Example 2:








Good day.

Work at your convenience and earn $450 weekly. It's a Flexible part-time job. All the tasks are work from home/on campus job, you don't need to travel somewhere and also you don't need to have a car to get started. Please find the position and some basic information below.  


Position: Personal Assistant

Type: Part-Time Job


Weekly Hours: Average of 5-7hrs Weekly

Click here [link removed] to know more about the position please apply below.

Spot. Stop. Report.

    1. The sender does not sign their name or have an email signature although the email seems to come from either KSU faculty or staff.
    2. The subject line is too general ("Hiring").
    3. The pay for an undefined and easy job is very high and enticing.
    4. There is a link you are urged to click to find out more.
    1. Spot: Notice the signs described above.
    2. Stop: Do not click any links or respond to the email.
    3. Report: Use the Phish Alert button to report the email to UITS. (If it is legitimate, you will be notified that you can safely proceed with any requests.)


If you have any doubts about the legitimacy of an email, report it to University Information Technology Services (UITS)!  Forward it to abuse@kennesaw.edu, or click the  "Phish Alert Report" button in Outlook.

Return to Phish Market