Information Services > Security > News & Updates > HR/Financial Message Covid Relief Phishing - 09/29/21

HR/Financial Message Covid Relief Phishing - 09/29/21

Screenshot of malicious email:

A screenshot of a malicious email. The email attempts to convince victims to click on a malicious link.


On September 29th, 2021, a financial message/covid-relief themed phishing email was spammed out from compromised DePaul University email accounts. 

The malicious email purports that the recipient has a pending message from a HR and/or the "financial department".

The link takes victims to a non-DePaul website, which is set up by the malicious actors to harvest the credentials of victims. The credential harvesting website uses some Microsoft logos in an attempt to make the page look more legitimate.

It is always important to remain vigilant when handling email, even when it appears to come from a DePaul email address or other official looking email address. Email addresses and login portals can be spoofed and imitated. Compromised email accounts (e.g. if a fellow DePaul community member fell victim to phishing) are often used to target the community. Keeping your DePaul account secure helps keep the entire community secure.

Some indicators that this email is malicious:
- Grammatial errors​
- Promises of mo​ney (covid-relief)
- A link to a non-DePaul website
- Impersonation of DePaul departments
- Incorrect contact information

Anyone who has entered their credentials into this scam should immediately change their password and report the incident to security@depaul.edu.