Email Scam targets Lindbergh students and beyond

District working to identify compromised accounts and have staff and students reset them.

One of several Lindbergh students and staff received this email from TRUEBLUE, INC.

Screenshot from LHS students email.

One of several Lindbergh students and staff received this email from TRUEBLUE, INC.

Elina Nghiem, News Editor

Over spring break, you may have received an email saying: “There’s an ongoing survey recruitment exercise for part-time survey takers. You’re paid to evaluate stores like Walmart, Walgreens, and CVS, any stores around you. The wage is $300 weekly. You’ll evaluate and comment on customer service rendered. It also doubles as a great second job. Click below to know more about the job and apply.” While it may seem unbelievable coming from a stranger, finding it came from a peer with the familiar “@rentonstudent.us” really seals the deal.
Several students filled out the Google Form and found themselves in the middle of a scam from a person named Jeff Bryan from TRUEBLUE, INC.

While you may have dismissed it, others decided to take advantage of the great opportunity. Who would miss out on such an easy job? A true definition of too good to be true. It all seemed so easy and simple, that anybody would be willing to join in. The results, however, did not seem as unbelievable.

The Google Form asked for your email, phone number, age, sex, and bank name. You would later receive an email notifying you of your acceptance into “TRUEBLUE Inc.’s” research team with the following information: “You will be paid $300 for every assignment provided with all the funds you need to carry out your assignment.”. Typically you would have “two to three assignments in a week and make over $1500 weekly.”
It also required applicants to have a valid bank account.

The email from TRUEBLUE received by several Lindbergh students and staff. Names have been blurred for privacy. (Screenshot of LHS students email.)

One student whose name is being protected for privacy showed the Egalitarian emails and text messages from a TRUEBLUE, INC. advisor and a check for $1,950 from BVR, LLC out of Dbrenham, Texas. The TRUEBLUE advisor would begin to contact you, via text, instructing you on what stores to go to, and how much money to spend on gift cards. After you buy and complete the surveys, he’ll ask you for the gift card code so he can “reimburse you later.”

However in researching, the Egalitarian found TRUEBLUE, LLC to be a business in Tacoma, Washington that specializes in connecting people to work and discovering solutions to their clients’ workforce needs. This does not include part-time survey takers. In fact, many errors in the email discovered misspellings of company names and changes to names to all caps like TRUEBLUE which is TrueBlue Inc.

The check for $1,950 was addressed from BVR, LLC in Dbrenham, Texas. The check is sent to you, via mail. Your advisor will claim that the check will go through in the following week. However, the address was returned to a farm with an incomplete address and a misspelling of the name of the town. BVR, LLC is a truck staffing company.

A copy of a check received by a Lindbergh student with private information blurred. (Courtesy of LHS (name withheld for privacy).)

Both companies were emailed and the bank. However, all three have not returned comments.

“In reality, we can’t identify exactly how email address lists were found, but usually this happens through a compromised account, which would then have access to address books. We have been working to identify compromised accounts and have staff and students reset them,” said Ellen Dorr, Renton Schools District’s Chief of Technology & Strategic Initiatives.

Dorr said compromised accounts happen through a variety of things:
Access to accounts [is] gained by collecting pieces to the digital puzzle. Various means are used to gather this information, usually, the path of least resistance is used which is “Social Engineering”, which can be in the following forms:

*Phone calls requesting information
*Filling out a raffle ticket with requested information; email address
*Signing up for a free widget using your email address
*Receiving emails and carelessly opening an attachment that launch something malicious that captures your login info unknowingly (keyloggers)
*All of the above is a piece to the puzzle that is being constructed

To note,
Not following best practices also add to the risk:
*Reusing the same password
*Not having a password policy in place
*Using very simple passwords
*Exposing password formats to the public and maintaining the standard afterward.

Anytime students or staff receive an email that looks too good to be true, proceed with caution and always let a teacher, Mrs. Dompier, or even us (In our Feedback/Suggestions form) know if there is any suspicious activity.