This page contains examples of actual phishing emails sent to members of the LMU community. If you receive a suspicious email but don't see it listed here, Do NOT assume it is safe. There are many variants of every phish, and new ones are sent each day. 

If you receive an email you suspect is a phishing message, please contact servicedesk@lmu.edu

  • In April 2022, the spammers are targeting all LMU community users with the following phishing email. An ITS Security Alert email was sent to all LMU/LLS faculty, student, and staff.

  •  

     

    Another example of a similar email:

     

    Fake Job/ Part Time Job Offers

    • Be wary of unsolicited job offers or paid participation in "focus groups", surveys, work at home, administrative assistant or bookkeeper.
    • Do not click any links including “unsubscribe”.  Clicking the link will tell the spammer will likely prompt the scammer to send more spam.
    • Notify InfoSec at servicedesk@lmu.edu if you have responded to the email, for additional guidance.
  •  

    About This Email

    • Email is not sent from an official LMU email address
    • Grammatical errors
    • Odd salutation
    • Be cautious of requests to update personal information that can be done by the user through Workday or attempting to avoid normal processes
    • Email creates a sense of artificial urgency by requesting the recipient to contact them immediately

     

  •  

    Impersonation emails/ Follow up Right away

    Note: What do you think about changing the name of the title of this section?

    • Email is not sent from an official LMU email address. Sent from SharePoint which is not officially supported by LMU.
    • Attempt to move conversation from LMU email is a sign of a potential scam. University will also not be able to monitor and remediate.
    • Lack of LMU signature/Branding and does not have an LMU contact provided in the email
    • Email creates a sense of artificial urgency by requesting the recipient to contact them immediately
    • Follow ups will request purchases in violation of University policy
    • Note:
      • If you are not expecting a document from the sender, verify that the email is legitimate before opening any attachments or clicking any links
      • If the email looks odd, contact the sender via a known verified method, such as their LMU email (do not reply directly to the suspicious email).
  •  

  •  

    About This Phishing Email

    • Email creates a sense of urgency to respond & click the link
    • LMU mailboxes storage capabilities are large enough so users are not likely to ever fill their mailboxes
    • Any ITS support emails (password change, LMU email issues, etc) should come from a valid LMU email address and contain LMU branding. Unlikely that this type of request email will be sent to broader LMU community.
  •  

    Requesting Tasks & Buying Gift Card Emails

    • Be cautious of requests to buy gift cards outside of the official Workday process. Stop all communication of these types of requests & report to InfoSec.  
    • The email address can be spoofed, where someone is able to change the email address to appear it is coming from an official employee.