Latest Phishing Emails Targeting SLU

Numerous Phishing Emails Targeting SLU 

Please be on high alert for phishing emails from varying sources and with different subject lines. The emails might reference salary updates or instruct you to verify your account. The phishers will use legitimate-looking display names, such as SLU ACCOUNT user@slu.edu, and login pages that mirror our secure sites, such as mySLU and Google. Examples of the types of phishing emails are below.

Before clicking on links in emails, hover over them to reveal their true destinations, and do not click on any links that have strange or unfamiliar destinations. On mobile phones that shorten the URL, hold your finger down in the URL box to see the complete URL.

As a reminder, SLU will not ask for usernames and passwords via email. Customers who may have accidentally clicked on a phishing email should contact the ITS Service Desk. 

Salary Phishing Email Example

Hello,

We assessed the 2015 payment structure as provided for under the terms of employment and discovered thatyou are due for a salary raise starting August 2015.Your salary raise documents are enclosed below:
Access the documents here [link removed]

Account Access Phishing Email Example

Account User Phishing Email Example


The latest phishing attempt to target SLU appears to come from a SLU email address. The subject line reads: "ITS Help Desk Alert Verification!!" The very realistic phishing email was crafted in line with SLU's branding, and even copies SLU's logo into the body of the email. It claims email accounts are being monitored due to "scam mail received by some of our web-mail users," and that users are urged to update their account using a provided link. This elaborate story, while realistic, is untrue.

Hackers are becoming very skilled at making phishing emails appear legitimate. The easiest and fastest way to recognize a scam email is if it asks for passwords or other personal information. Any email that asks for such information should be considered a phishing scam and reported to InfoSecurityTeam@slu.edu, and then deleted. If you are unsure of the legitimacy of an email appearing to have come from SLU, call the ITS Service Desk at 314-977-4000.

If you are concerned that your account may have been compromised as a result of responding to this phishing email, contact the ITS Service Desk and we will investigate your account further. Please be aware, SLU ITS will never have you verify your information in this manner. Though they may appear legitimate, unanticipated or seemingly strange emails should be evaluated critically before opening any attachments or clicking any included links. Before clicking on links in emails, hover over them to reveal their true destinations, and do not click on any links that have strange or unfamiliar destinations.

Posted: June 24, 2015

 

Phishing email

 


The latest phishing attempt to target SLU appears to come from a SLU email address. The subject line reads: “Saint Louis University Email Service Alert.” The very realistic phishing email was crafted in line with SLU’s branding. It claims you have had unauthorized access to your account and you must confirm your details in order to avoid account suspension.

If you are concerned that your account may have been compromised as a result of responding to this phishing email, contact the ITS Service Desk and we will investigate your account further. Please be aware, SLU ITS will never have you verify your information in this manner. Though they may appear legitimate, unanticipated or seemingly strange emails should be evaluated critically before opening any attachments or clicking any included links. Before clicking on links in emails, hover over them to reveal their true destinations, and do not click on any links that have strange or unfamiliar destinations.

Hackers are becoming very skilled at making phishing emails appear legitimate. The easiest and fastest way to recognize a scam email is if it asks for passwords or other personal information. Any email that asks for such personal information should be considered a phishing scam and reported to InfoSecurityTeam@slu.edu, and then deleted. If you are unsure of the legitimacy of an email appearing to have come from SLU, call the ITS Service Desk at 314-977-4000.

Posted: June 2, 2015


The latest phishing attempt to target SLU comes from "info-alert@slu.edu" with the subject line, "Saint Louis University Email Service Alert." The very realistic phishing email was crafted in line with SLU's branding. It claims you have had unauthorized access to your account and you must confirm your details in order to avoid account suspension.

If you are concerned that your account may have been compromised as a result of responding to this phishing email, contact the ITS Service Desk and we will investigate your account further. Though they may appear legitimate, unanticipated or seemingly strange emails should be evaluated critically before opening any attachments or clicking any included links.

Hackers are becoming very skilled at making phishing emails appear legitimate. The easiest and fastest way to recognize a scam email is if it asks for passwords or other personal information. Any email that asks for such personal information should be considered a phishing scam and reported to InfoSecurityTeam@slu.edu, and then deleted. If you are unsure of the legitimacy of an email appearing to have come from SLU, call the ITS Service Desk at 314-977-4000.

Posted: May 14, 2015


Be on the lookout for tax-related phishing emails, phone fraud, and fraudulent filings at this time of year. Some members of the SLU community have received an email from IRS imposters with the subject line "Taxes and allowances." It offers you a refund if you fill out an attached form. Please delete it or report it as phishing as it is an attempt to get you to divulge personal information and the attachment may contain malware. As always, do not open email attachments or click on links from unknown or questionable sources. For more information on this advisory and tips to protect yourself visit the sites listed below.

Posted: February 17, 2015


The latest phishing attempt to target SLU imitates the Microsoft Volume Licensing Service Center. The elaborate phishing email claims to provide registration details for newly accepted Open Licenses with Microsoft, and instructs you to download details from a strange link. Even though the email may seem real, it is a scam attempting to gain your personal information for malicious purposes. Any email that instructs you to click on a strange link or attachment should be evaluated critically before opening. Report any concerns or strange emails that ask for personal information to InfoSecurityTeam@slu.edu. The full email is provided below.

Open License Phishing Attempt


Posted Jan. 20, 2015


Several versions of a new phishing email are targeting SLU. Though the subject lines vary, some have misspelled pleas that read, "Emergency Verification!!" or "Urgernt!" The email may claim your account is in jeopardy and instructs you to click on a link. Though it may appear to come from a SLU address, all emails that include links or attachments should be evaluated critically before opening. 

Posted Oct. 29, 2014


A phishing email with the subject line "RE: ITS HELP DESK” is targeting faculty and staff at the University. In the past few weeks, members of the SLU community have also received a similar phishing email with the subject line "FACULTY & STAFF ONLY" or "FACULTY & STAFF MAILBOX NOTIFICATION".

Even though the emails may seem real, they are phishing scams looking to obtain your name and password. SLU will never ask for customers’ passwords in an email. Any email that asks for such personal information should be considered a scam and reported to InfoSecurityTeam@slu.edu, and then deleted. All emails that include links or attachments should be evaluated critically before opening.

ITS updates the news section of its.slu.edu site to include warnings about current phishing scams targeting SLU. If you are unsure of the validity of an email request, please email the Information Security Team with any questions.

Posted Oct. 20, 2014


A new phishing scam is targeting the University. The email may be from "Email Update " and have the subject line "Attn: Email User". The content of the email will state that there has been an attempt to access your email account from an unknown computer and instruct you to update your account by clicking on an included link. This is a scam. SLU will never ask you to confirm your information by clicking on a strange link. Any email that insists you confirm your information by clicking on a link or that asks for personal information should be considered a phishing scam and marked as such in your email, then deleted.

Posted: Aug. 11, 2014


A new phishing scam is targeting the University. Several different hooks are used in the subject line and body of the email. Whether it asks you to confirm information by clicking a link or providing your username and password, it is a scam. SLU will never ask for customers' passwords in an email. Any email that asks for such personal information should be considered a phishing scam and reported to InfoSecurityTeam@slu.edu, and then deleted.

ITS updates the news section on its.slu.edu to include warnings about current phishing scams targeting SLU. If you are unsure of the validity of an email request, please contact the Information Security Team with any questions.

Posted: June 26, 2014


A new phishing scam is targeting the University. An email with the subject line "Your Raise Details" was sent to faculty members and others and appeared to come from a SLU account.
Even though the email seemed to be real, it was the product of a scam that asked the recipient to confirm their SLU passwords. A screenshot of the email is shown below.

SLU will never ask for customers' passwords in an email. Any email that asks for such personal information should be considered a phishing scam and reported to InfoSecurityTeam@slu.edu, and then deleted.

ITS updates the news section of its.slu.edu site to include warnings about current phishing scams targeting SLU. If you are unsure of the validity of an email request, please email the Information Security Team with any questions.

Posted: April 2014

© 1818 - 2015  SAINT LOUIS UNIVERSITY   |   Disclaimer   |  Mobile Site
St. Louis   |   Madrid