We are currently seeing a significant wave of phishing emails targeting our staff and students. The scammers are posing as the Loyola IT Department in an attempt to steal your password. One example currently in circulation claims that your account is scheduled for termination due to duplicate credentials and asks you to click a link to verify your account.
You can spot this scam by looking for several red flags. First, examine the recipient list. In the current attack, the scammers have copied hundreds of random Loyola email addresses in the “To” or “Cc” field. A legitimate IT alert would never be sent to a long list of strangers in this manner. Second, be extremely suspicious of any request for your password, especially through a Google Form. No Loyola IT staff member will ever ask for your password via email or a form. If a message asks you to enter your credentials to keep your account active, it is a phishing attempt.
What makes this current wave particularly dangerous is that these messages are not coming from outside email addresses. When a student or staff member falls for a phishing scam and provides their password and MFA code to the phisher, the attacker can send messages from that account. They then use the hacked account to send the same phishing email to hundreds more Loyola addresses. Because the email appears to come from a legitimate @luc.edu address, it looks more real, and recipients are more likely to trust it. This creates a dangerous cycle: one compromised account leads to ten more, and ten lead to a hundred. The best way to break the cycle is to never enter your password on a page you reached through a link sent to you in an email. If you suspect your account has been compromised, change your password immediately and contact the IT Service Desk.
Finally, remember that legitimate IT Service Desk communications will come from ITSServiceDesk@luc.edu, DataSecurity@luc.edu, or helpdesk@luc.edu. Scammers may fake the “From” address to look like a real person, but the content of their message will contain generic threats and urgent demands. Also be aware that password phishing is not the only scam currently targeting Loyola. Another common scam involves an email that appears to come from a professor or supervisor asking you to purchase gift cards in exchange for giveaway items. No legitimate Loyola employee will ever ask you to buy gift cards for any work-related purpose. If you receive such a request, it is always a scam.
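As an added illustration (this is not part of Loyola's notice and not an ITS tool), the red flags described above can be written down as a simple triage check that a help desk or a mail filter could run over a reported message: a long To/Cc list, a link to a Google Form, a request for credentials or "account verification", urgent threat language, and a message that claims to be from IT but is not sent from one of the three official desk addresses the notice lists. The recipient threshold of 20, the Google Form URL patterns, the keyword lists and the two sample messages are assumptions constructed for the example; only the three legitimate sender addresses come from the notice.

```python
import re
from email import message_from_string
from email.utils import getaddresses

# The official IT Service Desk senders named in the notice.
LEGITIMATE_SENDERS = {
    "itsservicedesk@luc.edu",
    "datasecurity@luc.edu",
    "helpdesk@luc.edu",
}

# Assumed heuristics (not from the notice): tune to your own environment.
RECIPIENT_THRESHOLD = 20
GOOGLE_FORM_RE = re.compile(r"https?://(docs\.google\.com/forms|forms\.gle)/", re.I)
CREDENTIAL_RE = re.compile(r"\b(password|credentials?|verify your account)\b", re.I)
URGENCY_RE = re.compile(r"\b(immediately|within 24 hours|scheduled for termination|suspended)\b", re.I)
CLAIMS_IT_RE = re.compile(r"\bIT\b|(?i:service ?desk|help ?desk)")


def _addresses(msg, header):
    """Lower-cased addresses from every instance of a header (To, Cc, From)."""
    return [addr.lower() for _, addr in getaddresses(msg.get_all(header, [])) if addr]


def _body_text(msg):
    """Concatenate the text/plain parts of a parsed message."""
    parts = msg.walk() if msg.is_multipart() else [msg]
    chunks = []
    for part in parts:
        if part.get_content_type() == "text/plain":
            raw = part.get_payload(decode=True) or b""
            chunks.append(raw.decode(part.get_content_charset() or "utf-8", "replace"))
    return "\n".join(chunks)


def phishing_red_flags(raw_message):
    """Return a list of human-readable red flags found in an RFC 822 message string."""
    msg = message_from_string(raw_message)
    flags = []

    # Red flag 1: hundreds of unrelated Loyola addresses copied on one message.
    recipients = _addresses(msg, "To") + _addresses(msg, "Cc")
    if len(recipients) >= RECIPIENT_THRESHOLD:
        flags.append(f"mass recipient list ({len(recipients)} addresses in To/Cc)")

    text = msg.get("Subject", "") + "\n" + _body_text(msg)

    # Red flag 2: credentials requested, typically through a Google Form.
    if GOOGLE_FORM_RE.search(text):
        flags.append("link to a Google Form")
    if CREDENTIAL_RE.search(text):
        flags.append("asks for a password / account verification")

    # Red flag 3: generic threats and urgent demands.
    if URGENCY_RE.search(text):
        flags.append("urgent threat language")

    # Red flag 4: claims to be IT but is not sent from an official desk address
    # (covers the compromised-@luc.edu-account case from the notice).
    senders = _addresses(msg, "From")
    sender = senders[0] if senders else ""
    if CLAIMS_IT_RE.search(text) and sender not in LEGITIMATE_SENDERS:
        flags.append(f"claims to be IT but sent from '{sender or 'unknown'}'")
    return flags


def is_suspicious(raw_message, min_flags=2):
    """True when at least min_flags red flags are present."""
    return len(phishing_red_flags(raw_message)) >= min_flags


# Constructed sample: a phish relayed from a (hypothetical) compromised student account.
PHISHING_SAMPLE = (
    "From: jdoe@luc.edu\n"
    "To: " + ", ".join(f"student{i}@luc.edu" for i in range(30)) + "\n"
    "Subject: Action Required: Duplicate Credentials\n"
    "Content-Type: text/plain; charset=utf-8\n"
    "\n"
    "Loyola IT Department notice: your account is scheduled for termination due to\n"
    "duplicate credentials. Verify your account immediately at\n"
    "https://docs.google.com/forms/d/e/EXAMPLE-FORM-ID/viewform\n"
)

# Constructed sample: a routine, legitimate desk announcement.
LEGITIMATE_SAMPLE = (
    "From: ITSServiceDesk@luc.edu\n"
    "To: student1@luc.edu\n"
    "Subject: Planned VPN maintenance this Saturday\n"
    "Content-Type: text/plain; charset=utf-8\n"
    "\n"
    "The IT Service Desk will perform VPN maintenance on Saturday from 6 to 8 AM.\n"
    "No action is required on your part.\n"
)

if __name__ == "__main__":
    for name, sample in (("phish", PHISHING_SAMPLE), ("legit", LEGITIMATE_SAMPLE)):
        print(name, "suspicious" if is_suspicious(sample) else "clean", phishing_red_flags(sample))
```

The check is deliberately conservative: a single flag (for example the word "password" in a genuine reminder never to share it) is not enough on its own, so `is_suspicious` requires two or more, and the sender check fires only when the message also claims to be from IT.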
If you receive a suspicious email, do not click any links, do not enter your password, and do not reply. Forward the message to ITSServiceDesk@luc.edu and then delete/report it. When in doubt, type websites directly into your browser rather than clicking links in unexpected emails.
Remember to always stay vigilant, trust your gut, and report anything you find suspicious or unexpected.
