Duke’s information technology security office warns of a scam email circulating the University’s community. 

A recent email phishing attack targeted 233 people at Duke, according to Richard Biever, chief information security officer. Fortunately, the attack targeted a relatively low number of people compared to what Duke has seen before, Biever wrote in an email to The Chronicle. 

“The nice thing about our community is that when we are hit with phishing, we get very quick and accurate reports from recipients asking or warning us about the messages,” Biever wrote. “We always recommend that if there are any questions about the legitimacy of a message to please contact security@duke.edu.This is truly the case where community efforts help protect all of us.”

The sample email provided in a press release, sent from a “Gregory Broomfield,” asks the recipient for private tutoring services for his daughter. 

Chronicle Special | Special to the Chronicle


Like all phishing scams, the message tries to bait viewers into replying so that they can ask for more personal information. 

The goal? Financial gain or fraud, according to the release. 

This sort of attack has targeted faculty and graduate students before, but instead in the form of asking for a syllabus or a reading list, Biever said. 

The office advises people to contact the OIT Service Desk at (919) 684-2220 if they have replied to the phishing message and provided personal information. If you did not reply, simply delete the email, it advises. 

The IT Security office also posted a set of full guidelines on how to avoid phishing attacks, including looking for poor grammar, hyperlinks and attachments.