Saint Louis University

'New Update: Special Announcement' Phishing Email Targeting SLU 11/1/16

A phishing scam immitating Optum Bank is targeting SLU. Though it may appear legitimate, it should be reported as phishing and deleted. If you accidentally followed the link, please contact the ITS Service Desk at 314-977-4000.

Optum Bank Phishing Scam


D0CUMENT' Phishing Email Targeting SLU 10/19/16

A number of people at Saint Louis University received an email from various SLU email addresses with the subject line D0CUMENT'. The email appears to contain a message from Dr. Pestello asking recipients to click on a link to open a file.

Subject Line: D0CUMENT'

Hello,

I tried sending some document but due to the file size i sen it using doc- share,

Click here to view the Sent Files,
Kindly check and let me know your opinion

Fred P. Pestello, Ph.D.
President

If you receive this email, please mark it as phishing. If you accidentally followed the link, please contact the ITS Service Desk at 314-977-4000. 


'Vital Document' Phishing Email Targeting SLU Physicians 9/29/16

A malicious email is circulating around SLU and targeting physicians in particular. In some cases, the email has an attachment that appears to be a Google Doc in need of a signature. Though it may appear legitimate, it is just an attempt to obtain your personal information.

When SLU users attempt to view the PDF online, their accounts become compromised and the hacker uses them to send even more phishing emails.

If you receive this email, please mark it as phishing. If you accidentally followed the link, please contact the ITS Service Desk at 314-977-4000. 


'Security Warning!' Phishing Email 9/19/16

A malicious email is circulating around SLU. The email claims that there was an unauthorized attempt on the recipient's account and it will be disabled if it is not verified using a link in the email. The link is corrupted and not actually affiliated with SLU although it may look that way. When SLU users click on it and enter their credentials, their accounts become compromised and the hacker uses them to send even more phishing emails. 

If you receive this email, please mark it as phishing. If you accidentally followed the link, please contact the ITS Service Desk at 314-977-4000. 


'SLU Emergency Account Verification' Phishing Email 9/12/16

The SLU community is being targeted by a realistic-looking phishing email. The email instructs recipients to verify their account via a link that, at first glance, looks like a link to mySLU. It also claims this verification is related to multi-factor authentication (MFA), which SLU is actually implementing. If you received this email, please mark it as phishing. If you accidentally followed the link, please contact the ITS Service Desk at 314-977-4000. To learn more about MFA at SLU, please visit the Login2 SLU page under Password Help on its.slu.edu.


'Schedule change.' Phishing Email 9/11/16

The phishing email appears to be providing a link to files in Dropbox but it should not be trusted. Remember to think critically before opening unanticipated or seemingly strange emails with attachments or links. If you received this email, please mark it as phishing. If you clicked on the link, please contact the ITS Service Desk at 314-977-4000.


'Council Matters' Phishing Email Targets A&S 7/27/16

Some members of the College of Arts and Science have received an especially realistic-looking phishing email with a strange attachment. As a reminder, unanticipated or seemingly strange emails should be evaluated critically before opening any included attachments or links.

If you received this email, please mark it as phishing. If you accidentally opened the attachment, please contact the ITS Service Desk at 314-977-4000. 


'Emergency Verification!' Phishing Scam Alert 7/19/16

A phishing email is targeting SLU and claiming all email users must update their email account to avoid account termination. The email includes a fraudulent link which people are suppose to use to confirm that their account is up-to-date.

If you received this email, please mark it as phishing. If you accidentally clicked on the link, please contact the ITS Service Desk at 314-977-4000. 

As a reminder, SLU will never ask users to confirm account information or passwords via email. 


Account Verification Phishing Scam Alert 6/20/16

A fake message is circulating with a fraudulent link that asks users to verify their account. As a reminder, SLU will never ask users to confirm information or passwords via email. If you received the email, please mark it as phishing and then delete it.

Below is an example of the email:

Phish Email Example


Email Quota Phishing Scam Alert 6/9/16

The latest phishing email targeting SLU falsely tells recipients that they have exceeded their email quota. ITS will never ask the SLU community to verify their information in this manner. If you received the email, please mark it as phishing and then delete it.

Below is an example of the email:

Phish Email Example


Blackboard Email Phishing Scam Alert 4/21/16

Blackboard has received reports that phishing attempts are being sent to Blackboard users' email from email addresses that appear to be legitimate Blackboard addresses, redirecting users to a phishing site that mimics a Blackboard site, where users can be tricked into logging in and thus revealing their true Blackboard credentials. Once their Blackboard credentials are captured, the malicious site owner can then use the credentials to compromise the user's real Blackboard account. If you receive an email like the one below, don't click on any links but do forward it to facsupport@slu.edu so that we can monitor the situation.

From email address contact@mail.blackboard.com

The message is as follows:

Dear user :
Your Admin faculty has left two important course work in your Blackboard area.
Please click below to read your messages
<fake link appears here>
Note : The link above will be inactive after 10 minutes when mail has been read.
Thanks
Blackboard IT

Remember, SLU will never ask you to confirm your account information or password via email. If you need assistance call the IT Service Desk at 314-977-4000 or email helpdesk@slu.edu.


'Your New Salary Notice' Phishing Email Targeting SLU 1/30/16

Evidence suggests cybercriminals are attempting to access the financial information of University employees who received the email.

If you received the email, do not provide your password or username, and do not click on the included link. If you did respond to this sophisticated phish, please contact the IT Security and Compliance team at infosecurity@slu.edu or 314-977-5499.

Details on the Email

Below is an example of the email. If you have not received it, be skeptical of any emails with similar wording or that instruct you to provide information through an included link.

The email indicates the recipient is due for a salary increase and instructs recipients to access documents through an included link. If you were to follow the link, you would be asked to provide your password and username.

SLU, including HR and ITS, has no legitimate business reason to request your password. Any email that asks for your password should be considered a phishing attempt. Never share your password with anyone.

Phish Email

More About Phishing

When cybercriminals are able to obtain passwords and login information, they are able to log in to accounts and change direct deposit and other confidential information. They are often after financial information but access to protected health information also has significant monetary value to cybercriminals.

Remember, SLU will never ask you to confirm your account information or password via email, and any email that sounds too good to be true should be considered fake.


'Your Saint Louis University Online Access.' Phishing Email Targeting SLU 1/5/16

There are a few versions of the latest phishing email targeting SLU, but the content is basically the same. It asks you to verify your username and password or your mail account will be disabled. While many members of our community reported these phishing emails to the Information Security Team, a large number of people responded to the email with their login information. Keep these tips in mind when you see phishing emails:

  • Never respond to them, even if you are not providing any information. With a response, you are confirming to the phishers that they have a good email address. Instead, report phishing emails to infosecurity@slu.edu, mark them as spam or phishing, and delete them.
  • If you did respond and provide your password, contact the ITS Service Desk at 977-4000. They can assist you with resetting your password and establishing other security precautions.
    • If you use the same password at SLU as you use for personal accounts such as banking or social media (not a good security practice), be sure to change those passwords as well.
    • When you create a new password, use long and strong passwords or passphrases when you can. Consider something like "I love cheese pizza" converted to "1 <3 Ch33z3 P1zzA!". This is something you can remember, but it is difficult for cybercriminals to crack.
    • Remember that no password is good if you give it away. Never share your password with anyone. Any request for your password is considered a phishing attempt.

Below is an example of the phishing email that was circulating this week:

From: "SLU" <user@slu.edu>
Date: Jan 5, 2016 2:18 PM
Subject: Your Saint Louis University Online Access.
To: 
Cc: 

Case No: SLU4-34109
 We received a request to terminate your Saint Louis University email
access and the process has started, Please give us 24 hours to disable
your email account.

If you did not make this request, verify your account immediately.

SLU Net ID:
Email:
Password:
Confirm Password:
Phone Number:

All files / attachments on your email account will be deleted and
access to your email will be Denied.
Thank you,
© Saint Louis University.


'SLU ITS Help Desk Administrator' Phishing Email Targeting SLU 12/16/15
The email may come from a SLU account with a name and "SLU ITS Help Desk Administrator" in the subject line. It claims to be the ITS Help Desk verifying all accounts and asks for usernames and passwords. ITS will never ask users to verify their information in this manner and will never ask for passwords. Users who may have mistakenly provided their information should contact the ITS Service Desk at 977-4000.


'Account Security Warning' Phishing Email Targeting SLU 9/14/15
SLU customers are being targeted by a phishing email with the subject line, "ITS Account Security Warning." It claims there has been an unauthorized attempt to access your account. The email instructs recipients to verify their account by clicking a link. SLU will never ask users to verify their information in this manner. Customers who may have accidentally clicked on a phishing email should contact the ITS Service Desk at 977-4000..


Numerous Phishing Emails Targeting SLU 

Please be on high alert for phishing emails from varying sources and with different subject lines. The emails might reference salary updates or instruct you to verify your account. The phishers will use legitimate-looking display names, such as SLU ACCOUNT user@slu.edu, and login pages that mirror our secure sites, such as mySLU and Google. Examples of the types of phishing emails are below.

Before clicking on links in emails, hover over them to reveal their true destinations, and do not click on any links that have strange or unfamiliar destinations. On mobile phones that shorten the URL, hold your finger down in the URL box to see the complete URL.

As a reminder, SLU will not ask for usernames and passwords via email. Customers who may have accidentally clicked on a phishing email should contact the ITS Service Desk. 

Salary Phishing Email Example

Hello,

We assessed the 2015 payment structure as provided for under the terms of employment and discovered thatyou are due for a salary raise starting August 2015.Your salary raise documents are enclosed below:
Access the documents here [link removed]

Account Access Phishing Email Example

Account User Phishing Email Example


The latest phishing attempt to target SLU appears to come from a SLU email address. The subject line reads: "ITS Help Desk Alert Verification!!" The very realistic phishing email was crafted in line with SLU's branding, and even copies SLU's logo into the body of the email. It claims email accounts are being monitored due to "scam mail received by some of our web-mail users," and that users are urged to update their account using a provided link. This elaborate story, while realistic, is untrue.

Hackers are becoming very skilled at making phishing emails appear legitimate. The easiest and fastest way to recognize a scam email is if it asks for passwords or other personal information. Any email that asks for such information should be considered a phishing scam and reported to InfoSecurityTeam@slu.edu, and then deleted. If you are unsure of the legitimacy of an email appearing to have come from SLU, call the ITS Service Desk at 314-977-4000.

If you are concerned that your account may have been compromised as a result of responding to this phishing email, contact the ITS Service Desk and we will investigate your account further. Please be aware, SLU ITS will never have you verify your information in this manner. Though they may appear legitimate, unanticipated or seemingly strange emails should be evaluated critically before opening any attachments or clicking any included links. Before clicking on links in emails, hover over them to reveal their true destinations, and do not click on any links that have strange or unfamiliar destinations.

Posted: June 24, 2015

 

Phishing email

 


The latest phishing attempt to target SLU appears to come from a SLU email address. The subject line reads: “Saint Louis University Email Service Alert.” The very realistic phishing email was crafted in line with SLU’s branding. It claims you have had unauthorized access to your account and you must confirm your details in order to avoid account suspension.

If you are concerned that your account may have been compromised as a result of responding to this phishing email, contact the ITS Service Desk and we will investigate your account further. Please be aware, SLU ITS will never have you verify your information in this manner. Though they may appear legitimate, unanticipated or seemingly strange emails should be evaluated critically before opening any attachments or clicking any included links. Before clicking on links in emails, hover over them to reveal their true destinations, and do not click on any links that have strange or unfamiliar destinations.

Hackers are becoming very skilled at making phishing emails appear legitimate. The easiest and fastest way to recognize a scam email is if it asks for passwords or other personal information. Any email that asks for such personal information should be considered a phishing scam and reported to InfoSecurityTeam@slu.edu, and then deleted. If you are unsure of the legitimacy of an email appearing to have come from SLU, call the ITS Service Desk at 314-977-4000.

Posted: June 2, 2015


The latest phishing attempt to target SLU comes from "info-alert@slu.edu" with the subject line, "Saint Louis University Email Service Alert." The very realistic phishing email was crafted in line with SLU's branding. It claims you have had unauthorized access to your account and you must confirm your details in order to avoid account suspension.

If you are concerned that your account may have been compromised as a result of responding to this phishing email, contact the ITS Service Desk and we will investigate your account further. Though they may appear legitimate, unanticipated or seemingly strange emails should be evaluated critically before opening any attachments or clicking any included links.

Hackers are becoming very skilled at making phishing emails appear legitimate. The easiest and fastest way to recognize a scam email is if it asks for passwords or other personal information. Any email that asks for such personal information should be considered a phishing scam and reported to InfoSecurityTeam@slu.edu, and then deleted. If you are unsure of the legitimacy of an email appearing to have come from SLU, call the ITS Service Desk at 314-977-4000.

Posted: May 14, 2015


Be on the lookout for tax-related phishing emails, phone fraud, and fraudulent filings at this time of year. Some members of the SLU community have received an email from IRS imposters with the subject line "Taxes and allowances." It offers you a refund if you fill out an attached form. Please delete it or report it as phishing as it is an attempt to get you to divulge personal information and the attachment may contain malware. As always, do not open email attachments or click on links from unknown or questionable sources. For more information on this advisory and tips to protect yourself visit the sites listed below.

Posted: February 17, 2015


The latest phishing attempt to target SLU imitates the Microsoft Volume Licensing Service Center. The elaborate phishing email claims to provide registration details for newly accepted Open Licenses with Microsoft, and instructs you to download details from a strange link. Even though the email may seem real, it is a scam attempting to gain your personal information for malicious purposes. Any email that instructs you to click on a strange link or attachment should be evaluated critically before opening. Report any concerns or strange emails that ask for personal information to InfoSecurityTeam@slu.edu. The full email is provided below.

Open License Phishing Attempt


Posted Jan. 20, 2015


Several versions of a new phishing email are targeting SLU. Though the subject lines vary, some have misspelled pleas that read, "Emergency Verification!!" or "Urgernt!" The email may claim your account is in jeopardy and instructs you to click on a link. Though it may appear to come from a SLU address, all emails that include links or attachments should be evaluated critically before opening. 

Posted Oct. 29, 2014


A phishing email with the subject line "RE: ITS HELP DESK” is targeting faculty and staff at the University. In the past few weeks, members of the SLU community have also received a similar phishing email with the subject line "FACULTY & STAFF ONLY" or "FACULTY & STAFF MAILBOX NOTIFICATION".

Even though the emails may seem real, they are phishing scams looking to obtain your name and password. SLU will never ask for customers’ passwords in an email. Any email that asks for such personal information should be considered a scam and reported to InfoSecurityTeam@slu.edu, and then deleted. All emails that include links or attachments should be evaluated critically before opening.

ITS updates the news section of its.slu.edu site to include warnings about current phishing scams targeting SLU. If you are unsure of the validity of an email request, please email the Information Security Team with any questions.

Posted Oct. 20, 2014


A new phishing scam is targeting the University. The email may be from "Email Update " and have the subject line "Attn: Email User". The content of the email will state that there has been an attempt to access your email account from an unknown computer and instruct you to update your account by clicking on an included link. This is a scam. SLU will never ask you to confirm your information by clicking on a strange link. Any email that insists you confirm your information by clicking on a link or that asks for personal information should be considered a phishing scam and marked as such in your email, then deleted.

Posted: Aug. 11, 2014


A new phishing scam is targeting the University. Several different hooks are used in the subject line and body of the email. Whether it asks you to confirm information by clicking a link or providing your username and password, it is a scam. SLU will never ask for customers' passwords in an email. Any email that asks for such personal information should be considered a phishing scam and reported to InfoSecurityTeam@slu.edu, and then deleted.

ITS updates the news section on its.slu.edu to include warnings about current phishing scams targeting SLU. If you are unsure of the validity of an email request, please contact the Information Security Team with any questions.

Posted: June 26, 2014


A new phishing scam is targeting the University. An email with the subject line "Your Raise Details" was sent to faculty members and others and appeared to come from a SLU account.
Even though the email seemed to be real, it was the product of a scam that asked the recipient to confirm their SLU passwords. A screenshot of the email is shown below.

SLU will never ask for customers' passwords in an email. Any email that asks for such personal information should be considered a phishing scam and reported to InfoSecurityTeam@slu.edu, and then deleted.

ITS updates the news section of its.slu.edu site to include warnings about current phishing scams targeting SLU. If you are unsure of the validity of an email request, please email the Information Security Team with any questions.

Posted: April 2014