Seattle Pacific University continues to be targeted by sophisticated phishing scams. "Phishing" is the term given to email messages that attempt to trick you to give up your username and password.
This week a phishing email was sent to 150 Faculty and Staff. Nine individuals responded and gave up their SPU credentials to the attacker. With their login credentials, the hacker authenticated into Banner as the Faculty/Staff member, viewed sensitive personal data, and made updates to payroll direct deposit information for several individuals.
Protect Yourself: Learning From This Example
The Email Message
There are two very important things to note in the email below:
Sender: The email was sent from "SPU - Alert <firstname.lastname@example.org>" This is suspect for several reasons
Official SPU communication will generally come from an spu.edu email address
There is a strong mismatch between the apparent sender and the real sender (e.g. SPU - Alert vs. email@example.com)
SPU-Alert is the University's emergency notification system, and is associated specifically with campus-wide notifications, not specific messages targeted to sets of individuals
Suspicious Links: The screenshot below shows a URL by hovering over the link with the mouse cursor
This URL does not indicate anything about SPU
Suspicious Login Prompt
Clicking on the link in the email above sends you to this site. At first glance, it appears to be the standard SPU login page. However, it is imperative to note the URL highlighted below, which indicates the site is not actually within spu.edu, but is rather hosted on a completely unrelated site: https://theweeklyobserver.in. Particularly when paired with the warning signs in the email, it is important to be attentive to a detail like this.