This page contains examples of actual phishing emails sent to members of the LMU community. If you receive a suspicious email but don't see it listed here, Do NOT assume it is safe. There are many variants of every phish, and new ones are sent each day. 

If you receive an email you suspect is a phishing message, please contact servicedesk@lmu.edu

  •  

    About This Phishing Email

    • Email creates a sense of urgency to respond & click the link
    • Any ITS support emails (password change, LMU email issues, etc) should come from a valid LMU email address and contain LMU branding. Unlikely that this type of request email will be sent to broader LMU community.
  • In April 2022, the spammers are targeting all LMU community users with the following phishing email. An ITS Security Alert email was sent to all LMU/LLS faculty, student, and staff.

  •  

    UNICEF Part-Time Job

     

    Another example of a similar email:

    Vacancy: Mystery Shopper

     

    Pet Sitting Job Scams 

    Notice:

     

    Though this website is legitimate in this case the account is compromised and is sending out phishing emails. Be aware of different phishing indicators.

    • The user is trying to redirect the email from a legitimate platform onto a private Gmail address.

     

    • Offer seems too good to be true!

     

    Flags to note from Fake Job/ Part Time Job Offers:

    • Be wary of unsolicited job offers or paid participation in "focus groups", surveys, work at home, administrative assistant or bookkeeper.
    • Do not click any links including “unsubscribe”.  Clicking the link will tell the spammer will likely prompt the scammer to send more spam.
    • Notify InfoSec at servicedesk@lmu.edu if you have responded to the email, for additional guidance.
  •  

    About This Email

    • Email is not sent from an official LMU email address
    • Grammatical errors
    • Odd salutation
    • Be cautious of requests to update personal information that can be done by the user through Workday or attempting to avoid normal processes
    • Email creates a sense of artificial urgency by requesting the recipient to contact them immediately

     

  •  

    Impersonation emails/ Follow up Right away

    Note: What do you think about changing the name of the title of this section?

    • Email is not sent from an official LMU email address. Sent from SharePoint which is not officially supported by LMU.
    • Attempt to move conversation from LMU email is a sign of a potential scam. University will also not be able to monitor and remediate.
    • Lack of LMU signature/Branding and does not have an LMU contact provided in the email
    • Email creates a sense of artificial urgency by requesting the recipient to contact them immediately
    • Follow ups will request purchases in violation of University policy
    • Note:
      • If you are not expecting a document from the sender, verify that the email is legitimate before opening any attachments or clicking any links
      • If the email looks odd, contact the sender via a known verified method, such as their LMU email (do not reply directly to the suspicious email).
  •  Debbie Keet shared “Faculty Evaluation” with you

     

    Other examples:

    Michael Waterstone Shared a file with you

     

     

     

  •  

    About This Phishing Email

    • Email creates a sense of urgency to respond & click the link
    • LMU mailboxes storage capabilities are large enough so users are not likely to ever fill their mailboxes
    • Any ITS support emails (password change, LMU email issues, etc) should come from a valid LMU email address and contain LMU branding. Unlikely that this type of request email will be sent to broader LMU community.
  •  

    Requesting Tasks & Buying Gift Card Emails

    • Be cautious of requests to buy gift cards outside of the official Workday process. Stop all communication of these types of requests & report to InfoSec.  
    • The email address can be spoofed, where someone is able to change the email address to appear it is coming from an official employee.  

    Another example: "Are you free to run a quick request?"

     

     

    • Note: You may receive voicemails that appear like they are coming from LMU or a legitimate source. However, there have been some cases where users spoof, where someone pretends to be who they are not.
    • If the voicemail seems odd, out of place, or did not expect to receive the call. Please feel free to delete and report to secureit@lmu.edu
  • Phishing Scam Summary

    • These types of phishing emails appear to be a PayPal invoice for a fake purchase. The invoices for this scam may be generated in PayPal by the scammers. Even though the purchase is fake, clicking on the links in the invoice may result in a transfer of a payment in PayPal. The invoice claims that the recipient has successfully made a purchase through PayPal for an X amount, in this case it is $178.32. 

    What to look out for:

    • Invoices for purchases you have not made.
    • Requests to act immediately to make payment or reverse payment.

    What to do if you receive this:

    • If you receive an invoice you suspect to be fake or for a purchase you don't recall making, do not pay & do not respond using links or phone numbers in the email.
    • Go to your PayPal account
    • Do not use/click on the links in the email!
    • Verify this purchase by looking into your purchase history & clarify if you haven't been fraudulently billed.

    If you have been fraudulently billed go to PayPal’s Resolution Center at paypal.com/disputes/ and report the fraud immediately.

     

  • Examples of Direct Deposit Request Changes:

    • Verify the identity of the user before changes are made. A phone call using an internal extension or the phone number you have on file (not the phone number provided in the email) can help our community avoid a financial loss.
    • After verifying user, LMU direct deposits changes made in Workday.