Phishing Continues To Rise

With COVID-19, LMU has seen an increased number of fraudulent emails, or SPAM messages, designed to trick recipients into clicking links, opening attachments, or taking other actions. Specifically, we have seen a large number of Email Impersonation Scams targeting key individuals within the university. These attacks typically seem to come from personnel in positions of authority and ask targets to perform money transfers, pay invoices, or send sensitive data.

To learn more about how to recognize these phishing emails and protect yourself and our organization from getting hooked, read the following list of key phishing identifiers:

1. Suspicious Email Addresses - If an email seems to be from a legitimate source by came from a nonofficial doman (i.e., @hotmail.com instead of @lmu.edu), it's probably fraudulent. Also check other recipients of the email - if it was sent to a lot of people, especially ones you don't know, you should be suspicious. 

2. Generic Salutations - You should be suspicious of any email that isn't addressed directly to you. Watch out for salutations like "Dear Madam" or "Valued Customer". 

3. Spelling Mistakes and Grammatical Errors- Everyone makes mistakes, but glaring and obvious errors such as "Loyola Mary Mount University" or a plethora of spelling mistakes and grammatical errors are reasons be wary. 

4. Immediate Action Required- Phishing emails frequently have an alarmist tone, to try to rush recipients into taking action and making mistakes. Legitimate organizations rarely ask for immediate action or personal information. 

5. Suspicious URLs - If you hover your cursor over a link, the destination will appear; phishing emails often use URL text in emails that seems legitimate, but directs to not-secure sites.

6. Attachments - As a general rule, don't open attachments you aren't expecting. If you get a strange attachment from someone you know, contact them before opening it. 

7. Too Good To Be True - If something seems too good to be true, it probably is, especially if you receive offers from companies or services you've never used, or get prizes from a contest you never entered. 

8. Weird Messages From Friends - Phishing emails may come from someone you know, if a friend's email has been hacked or if a hacker created a new email address using a friend's name to try to trick recipients. If you receive a suspicious email from a friend, call or text them about it before opening the message.