Information Services > Security > News & Updates > Fake Account Activity Phishing - 08/31/21

Fake Account Activity Phishing - 08/31/21

Screenshot of malicious email:

A screenshot of a malicious email. The malicious email attempts to trick victims into clicking a link.

On August 31st, 2021, a phishing email was spammed out from compromised DePaul University email account(s). 

The malicious email impersonates DePaul University's helpdesk in the signature block of the email, and purports that the recipient has had a login/account activity from another computer, and must click on a link to keep their account active.

The link takes victims to a non-DePaul website and is set up by the malicious actors to harvest the credentials of victims.

It is important not to take email at face value, even when it appears to come from a DePaul or other known address.

Some indicators that this email is malicious:
- Numerous spelling and grammatical errors
- Impersonation of an official department/group at DePaul
- An attempt to create a sense of urgency
- Hyperlink to a non-DePaul website (remember to hover over hyperlinked text to view the underlying URL)​