Screenshot of malicious email:
On September 14th, 2021, a malicious email purporting to be a Pell grant application notification was sent out. Upon further investigation by the security team, it has been determined that this scam is actually part of the same job scam/malicious campaign that the Information Security Team has been alerting the community to for many months.
In this scam, the malicious email encourages recipients to apply for a for a Pell grant at a non-DePaul free-website builder site.
Once the victim submits their information in the malicious free-website form, the malicious actor will often attempt to request further personal information, and the communications will often move to a text message format. Ultimately, the malicious actor will attempt to defraud the victim by sending the victim a fraudulent check or via a cash transferring app such as Zelle or Cash App.
Some indicators that these emails are malicious:
- Numerous spelling and grammatical errors
- Promises of money
- Asking recipients to forward the unsolicited email to others
- Directions to click a link to a non-DePaul website (remember to hover over hyperlinked text to see the underlying URL)
- On the imitation website, there are major appeals to emotion (stating applicants will help ex-convicts, orphans, and animals)