On May 9,2022, a phishing email was spammed out from compromised DePaul University email account(s).
The malicious email impersonates DePaul University's Admin Department in the signature block of the email, and purports that the recipient has had a suspicious sign in attempt, and must click on a link to avoid their account from binng blocked.
The link takes victims to a non-DePaul outlook login page and is set up by the malicious actors to harvest the credentials of victims.
It is important not to take email at face value, even when it appears to come from a DePaul or other known address.
Some indicators that this email is malicious:
- Numerous spelling and grammatical errors
- Impersonation of a department/group at DePaul
- An attempt to create a sense of urgency
- Hyperlink to a non-DePaul website