Screenshot of malicious email:
In mid-October, 2021, compromised DePaul community member accounts sent out fraudulent scam messages pertaining to pandemic relief funds.
The malicious email purports that the recipient qualifies for federal government pandemic relief funds.
The link takes victims to a non-DePaul (free website builder) website, which is set up by the malicious actors to gather sensitive personal information from the victim. Divulging this information will likely result in identity theft and/or theft of finances.
It is always important to remain vigilant when handling email, even when it appears to come from a DePaul email address or other official looking email address. Email addresses and login portals can be spoofed and imitated. Compromised email accounts (e.g. a DePaul email account owned by an individual that fell for phishing) are often used to target the community. Keeping your DePaul account secure helps keep the entire community secure.
Some indicators that this email is malicious:
- Numerous grammatical errors
- Promises of money (covid-relief)
- A link to a non-DePaul website
- Impersonation of DePaul department(s)
- Asking for extremely sensitive information
If you provided any sensitive information to the scammer, it would be highly advised to immediately review the Federal Trade Commission's Identity Theft resources, to both create an action plan and learn more, at:
If you have further questions or concerns, please contact the Information Security team at security@depaul.edu.