Information Services > Security > News & Updates > [Email Notification] Information Security Alert - Malicious Phishing
September 10, 2021 /
Posted in: Phishing and Malicious Emails, Security Announcements /
[COPY OF NOTIFICATION EMAIL]
As the quarter begins and learning kicks off, we are hoping to provide you with some information regarding recent scams, to help keep you safe. Below are some common scam variants that have been seen targeting DePaul recently.
A wide variety of these scams have been seen targeting DePaul recently via email. Common variants include inviting recipients to apply to be a "secret shopper" or an "office assistant", either by sending your interest to a non-DePaul email address or by clicking on a link to fill out an "application" at a non-DePaul website or form. Ultimately, the malicious actor will attempt to defraud the victim via fraudulent checks or cash transfer apps. These scams may include DePaul logos and branding, in an attempt to make them seem more legitimate. Anyone who has provided the malicious actor with personal information or fallen victim to this scam should contact firstname.lastname@example.org with concerns.
A wide variety of phishing emails have been targeting DePaul community members recently. Recent phishing scams include emails that attempt to trick victims into reviewing an "important unread" message related to financial aid, faxes, voicemail, or documents, or needing to "verify" account activity, and more. These phishing attempts often impersonate DePaul University departments, or other official entities, and entice users to click on a link or open an attachment to enter their credentials. Users that believe they have entered their DePaul username and password into any malicious website or form should immediately change their password and report the incident to email@example.com.
It is always important to remain vigilant when handling email, even when it appears to come from a DePaul email address or other official looking email address. Email addresses and login portals can be spoofed and imitated. Email accounts compromised will be used to pivot and target other users in the community, so taking care of your account will help us take care of everybody else at DePaul.
For more information regarding scams that have been targeting the University, including examples with pictures and a breakdown of suspicious indicators, please visit the Information Security Team's news page: https://offices.depaul.edu/information-services/security/news-updates/Pages/default.aspx
For tips on how to stay safe online, please review the information security awareness training available at: https://go.depaul.edu/securitytraining
If you ever have any questions or concerns related to information security, or wish to report a suspicious/malicious email, please always feel free to contact the Information Security Team at firstname.lastname@example.org.