Email phishing message asking for student research assistants

The information security team has received numerous reports about a new (old!) scam email trying to recruit student research assistants. There are several, similar versions of the message being sent to undergraduate and graduate students. Read on for an example of the message.

by Elizabeth Parsons, IT Services • Published 2/13/25 • Last updated 4/21/25 0:16:34

Email phishing message asking for student research assistants

by Elizabeth Parsons, IT Services • Published 2/13/25 • Last updated 4/21/25 0:16:34

This email notes there is a pressing need for student research assistants at ��, and asks students to send some personal information to the sender. This is a common type of scam we see, but this one is particularly detailed, which could come across as more credible. Watch out!

Look for this: Sample of the scam email

The email contains content similar to the following:

Dear Undergraduate and Graduate Students,

The Office of Institutional Research and Effectiveness (OIRE) at �� University is pleased to announce a remote internship opportunity available through the office of Job Placement and Student Services for all interested and qualified students. We encourage you to apply and gain valuable experience in your desired field.

Position: Remote Intern

Qualifications:

- Currently enrolled as an undergraduate or graduate student at �� University.

Responsibilities:

- Provide support to the faculty and staff of various departments in research tasks.

- Conduct experiments and literature reviews under their guidance.

- Maintain regular communication through online platforms and actively participate in virtual meetings.

Compensation:

Selected interns will be eligible for a weekly stipend of $350 to acknowledge their dedication and commitment. The stipend will be disbursed at the end of each week. Upon selection, applicants will receive a notification email and must attend an online orientation session before commencing their work. We welcome applications from students of all fields, nationalities, and citizenship statuses.

How to Apply:

To apply, please send an email to associate vice president of the Office of Institutional Research and Effectiveness, Padma Patil at [fakeemailaddress.miamioh22@gmail.com], including the following details: your full name, year of study, department, and an alternate email address. Please ensure that the subject line of your email state's "MIAMIOH lntern Application". Applications will be considered on a first-come, first-served basis as slots are limited. We look forward to your applications.

Sincerely,

The Remote Internship Team.

�� University.

If you receive this or a similar email, please do not respond or email your information to the referenced email; just delete the message. This is a common phishing practice to try to get recipients to respond to a message with personal data, build a relationship with the contact, and then request personal data like Unique IDs, social security numbers, or bank account information.

Quick tips for spotting scams

Here are some things you can look at to help determine the above email is a scam:

There are grammatical mistakes (“subject line of your email state's…”).
The email address actually used in the scam has been redacted, but you can guarantee that official �� folks use an @miamioh.edu email address, not Gmail.
The Remote Internship Team does not exist – also, official university organizations use an approved email signature.
�� organizations do not usually advertise for jobs via email, and they definitely don’t accept applications via email. That is done through ��’s employment portal ().

If you receive a message that you suspect to be a phishing message, please forward it to InfoSec@��OH.edu. This allows the information security team to block sites that may be associated with phishing attacks. If you ever feel you may have responded to a fraudulent message or clicked a link in one, please contact IT Help immediately at 513-529-7900.

For more tips about remaining secure online and at ��, visit ��OH.edu/infosec.

��