Screenshot of one variant of the malicious email:
Screenshot of another variant of the malicious email:
In late August, 2021, there was another round of job scam emails were sent out from compromised University email addresses. These are the same job scams that the Information Security Team has been alerting the community to for many months.
In this round of attempted scams, there were two noted variants. In the first variant, the malicious email encourages recipients to apply for a "job" at DePaul by sending interest to an external non-DePaul email address. In the second variant, the malicious email encourages recipients to click a link leading to an excel form to apply.
Once the malicious actor has a phone number, as well as other personal information, for the victim, the communications will often move to a text message format. Ultimately, the malicious actor will attempt to defraud the victim by sending the victim a fraudulent check or via a cash transferring app such as Zelle or Cash App.
Some indicators that these emails are malicious:
- Numerous spelling and grammatical errors
- Promises of easy money
- Communications being led off of DePaul's platform (i.e. emailing a non-DePaul email address and communications via text messages)
- Links to non-DePaul websites (remember to preview links by hovering over hyperlinked text)