Email is one of the most effective tools in the cybercriminals arsenal. Spam filters stop much of the bad email that would otherwise end up in your inbox, but crafty cybercriminals know how to design their emails in a way that can circumvent your these filters. This tutorial was created to address the question, what is bad email? Several examples have been identified for you on the following slides.
SLU was recently targeted by a sophisticated phishing email scam. The subject line read: "SLU incident where your SLU Net ID may have been compromised" and it appeared to come from a SLU account. The landing page, once customers clicked on the spam link, attempted to replicate mySLU.
Even though it seemed to be real, the easiest and fastest way to tell that it was a scam was that it asked for customers to confirm their passwords. SLU will never ask for customers' passwords in an email. Any email that asks for such personal information should be considered a phishing scam and reported to InfoSecurityTeam@slu.edu, and then deleted.
ITS updates the news section of its.slu.edu to include any warnings about current phishing scams targeting SLU. If you are unsure of the validity of an email request, please contact the Information Security Team with any questions.