Teachers College has seen an increase in a new type of email scam that attempts to use previously-stolen passwords to extort monetary gains from email recipients. 

This scam claims that the attacker has compromising and or private information about the victim, and includes a username and password as “proof” that they have exploited your computer. The password shown in the email is often an old password may have been previously stolen from social media accounts such as eBay, Yahoo, Linkedin and others that have had data breaches.

The email is asking for payment in return for not releasing the information. 

TC IT is advising that you do not respond nor communicate with anyone in the email. If you notice the email contains a current password you are using, immediately change your password for that account. 

If you have received this email immediately mark it as SPAM in TCGmail. If you have communicated with the email sender, please contact the ServiceDesk so we can follow up with you in the event any compromises have been done to your computing systems. 

As a reminder please follow good internet account best practices, use long and strong passwords and use a password management application. TC IT provides Bitwarden to all faculty and staff. Students can also use a personal LastPass account. Instructions for using the password management tool is available on the Employee Portal in the Knowledge Base Section.

If you have any questions on this email notice or require assistance with setting up a Bitwarden account, please reach out to the Service Desk at ServiceDesk@tc.columbia.edu or (212) 678-3300