This page contains examples of actual phishing emails sent to members of the LMU community. If you receive a suspicious email but don't see it listed here, Do NOT assume it is safe. There are many variants of every phish, and new ones are sent each day. 

If you receive an email you suspect is a phishing message, please contact servicedesk@lmu.edu

  • ATTN Imposter Scams: Imposters pretend to be someone you know, work with or someone in a position of power i.e. a manager or dean 

    Imposters might ask:

    • Odd & urgent requests to be completed
    • If you are available to do or complete a task
    • Provide personal information i.e. Cell Phone, Personal Email or more
    • Purchase gift cards 
    • Deposit a fake check or wire money

    Imposters might pretend:

    • to be a manager or dean 
    • be an outside company offering jobs that are too good to be true
    • LMU community users received phishing email with the subject of Maintenance Status Update and that your mailbox storage reached 99%.
    • Pretending to be tech support about a problem on your computer
    • you got a check for too much money and you need to send back the extra

    Examples of different requests:

     

    In the case that you respond:

     

     

    Please make sure to follow the next steps:

    A. Change your password to a unique and complex password 

    B. Report to IT Security at Secureit@LMU.edu

    C. If you responded using your personal email or phone, block the user's number and email accordingly

  •  

    About This Phishing Email

    • Email creates a sense of urgency to respond & click the link
    • Any ITS support emails (password change, LMU email issues, etc) should come from a valid LMU email address and contain LMU branding. Unlikely that this type of request email will be sent to broader LMU community.
  • In April 2022, the spammers are targeting all LMU community users with the following phishing email. An ITS Security Alert email was sent to all LMU/LLS faculty, student, and staff.

  •  Flags to note from Fake Job/ Part Time Job Offers:

    • Be wary of unsolicited job offers or paid participation in "focus groups", surveys, work at home, administrative assistant or bookkeeper.
    • Do not click any links including “unsubscribe”.  Clicking the link will tell the spammer will likely prompt the scammer to send more spam.
    • Notify InfoSec at servicedesk@lmu.edu if you have responded to the email, for additional guidance.

    Notice part-time job scams:

    Please stop all communication outside LMU emails. Some have resulted in a fake check scam for thousands of dollars.  

    Be aware of job scams. Be wary of any unsolicited job offers and note that legitimate companies will never ask you to front money. Some of these scams appear to be coming from @lionmail.lmu.edu accounts - do not assume they are safe!

    While we try our best to prevent phishing scams from reaching your mailbox, they do happen and will happen again, and it is important to learn some of the red flags that identify scams.  

    A common RED FLAG is when you are requested to move the conversation outside of your school address.

    • Scammers do this so that it is outside of our control where we cannot identify and block them. 
    • In the future you can forward emails to the Helpdesk and we will investigate their authenticity for you. 

    WHO Part-Time Job

    UNICEF Part-Time Job

     

    Another example of a similar email:

    Vacancy: Mystery Shopper

     

    Pet Sitting Job Scams 

    Notice: 

    Though this website is legitimate in this case the account is compromised and is sending out phishing emails. Be aware of different phishing indicators.

    • The user is trying to redirect the email from a legitimate platform onto a private Gmail address.
    • Offer seems too good to be true!

     

  •  

    Examples of Direct Deposit Request Changes:

    • Verify the identity of the user before changes are made. A phone call using an internal extension or the phone number you have on file (not the phone number provided in the email) can help our community avoid a financial loss.
    • After verifying user, LMU direct deposits changes made in Workday.

     

     

    About This Email

    • Email is not sent from an official LMU email address
    • Grammatical errors
    • Odd salutation
    • Be cautious of requests to update personal information that can be done by the user through Workday or attempting to avoid normal processes
    • Email creates a sense of artificial urgency by requesting the recipient to contact them immediately

     

  •  

    Impersonation emails/ Follow up Right away

    Note: What do you think about changing the name of the title of this section?

    • Email is not sent from an official LMU email address. Sent from SharePoint which is not officially supported by LMU.
    • Attempt to move conversation from LMU email is a sign of a potential scam. University will also not be able to monitor and remediate.
    • Lack of LMU signature/Branding and does not have an LMU contact provided in the email
    • Email creates a sense of artificial urgency by requesting the recipient to contact them immediately
    • Follow ups will request purchases in violation of University policy
    • Note:
      • If you are not expecting a document from the sender, verify that the email is legitimate before opening any attachments or clicking any links
      • If the email looks odd, contact the sender via a known verified method, such as their LMU email (do not reply directly to the suspicious email).
  •  Debbie Keet shared “Faculty Evaluation” with you

     

    Other examples:

    Michael Waterstone Shared a file with you

     

     

     

  •  

    About This Phishing Email

    • Email creates a sense of urgency to respond & click the link
    • LMU mailboxes storage capabilities are large enough so users are not likely to ever fill their mailboxes
    • Any ITS support emails (password change, LMU email issues, etc) should come from a valid LMU email address and contain LMU branding. Unlikely that this type of request email will be sent to broader LMU community.
  •  

    Requesting Tasks & Buying Gift Card Emails

    • Be cautious of requests to buy gift cards outside of the official Workday process. Stop all communication of these types of requests & report to InfoSec.  
    • The email address can be spoofed, where someone is able to change the email address to appear it is coming from an official employee.  

    Another example: "Are you free to run a quick request?"

     

     

    • Note: You may receive voicemails that appear like they are coming from LMU or a legitimate source. However, there have been some cases where users spoof, where someone pretends to be who they are not.
    • If the voicemail seems odd, out of place, or did not expect to receive the call. Please feel free to delete and report to secureit@lmu.edu
  • Phishing Scam Summary

    • These types of phishing emails appear to be a PayPal invoice for a fake purchase. The invoices for this scam may be generated in PayPal by the scammers. Even though the purchase is fake, clicking on the links in the invoice may result in a transfer of a payment in PayPal. The invoice claims that the recipient has successfully made a purchase through PayPal for an X amount, in this case it is $178.32. 

    What to look out for:

    • Invoices for purchases you have not made.
    • Requests to act immediately to make payment or reverse payment.

    What to do if you receive this:

    • If you receive an invoice you suspect to be fake or for a purchase you don't recall making, do not pay & do not respond using links or phone numbers in the email.
    • Go to your PayPal account
    • Do not use/click on the links in the email!
    • Verify this purchase by looking into your purchase history & clarify if you haven't been fraudulently billed.

    If you have been fraudulently billed go to PayPal’s Resolution Center at paypal.com/disputes/ and report the fraud immediately.