Screenshot of malicious email:
![An image of a malicious email. The email attempts to convince the recipient to click on a malicious attachment under the guise of it being payment information. An image of a malicious email. The email attempts to convince the recipient to click on a malicious attachment under the guise of it being payment information.](/information-services/security/news-updates/PublishingImages/07-26-21-payment-receipt-scam.png)
On July 26th, 2021, a common form of scam in which malicious actors attempt to impersonate accounts payable was seen at DePaul.
The scam campaign was sent through a non-DePaul email address, and made to appear as though it is associated with some organization's accounts payable department.
The malicious email encourages recipients to review payment information in a malicious attached file. The phishing attachment will attempt to harvest the credentials of the victim through a look-a-like login page.
Some indicators that this email is malicious:
- Unsolicited contact from an unknown external ([EXT] tag in the subject line) email account
- Lack of clarity for what the alleged payment information concerns
- Attachment of a malicious .htm file