Phishing Alerts

When we receives a phishing email report, we will list them here.  Please note that this will never contain every phishing message you may see but generally targeted messages aimed at the EKU community. 

If you receive these emails, forward them to spam@eku.edu then please delete them from your inbox.  If you clicked on the link or responded to the email in any way, please contact the IT Support Desk at 859.622.3000 as soon as possible.

Phishing Alert: April 29, 2021

SUBJECT: IT Security Update
Contains: Malicious link (shortened URL) to a weebly[dot]com site
Screenshot of scam email:

Phishing Alert: April 13, 2021

Spear phishing emails are sent to specific users by a hacker purporting to be a trusted sender (VP, Dean, Chair, IT, etc.).  The aim is to get your username/password, infect your device with malware, or convince you to hand over money (usually in the form of gift cards).

If a spear phisher emails you, then YOU become the primary line of defense.  Your most straightforward and most general defense is caution.  Tips:

• Don't allow yourself to be hurried or harassed into taking shortcuts.  Forward the email to us at spam@eku.edu, and we will let you know if the email is legitimate.  If not, we block the sender's email address.  They generally use a Gmail account, so it is not that difficult for them to get more addresses.
• If something looks iffy, ask us.
• Never trust outsiders just because they seem to know "insider" facts.  Ask us about the email.
• If you respond, contact the IT Service Desk immediately: 1-859-622-3000

Sample spear phishing email:

Phishing Alert: February 17, 2021

Subject: EKU IS HIRING!
Contains: Malicious Information sent from EKU student accounts with a reply-to Outlook.com address and non-EKU telephone number
Screenshot of scam email:

Phishing Alert: December 16, 2020

Subject: [EXTERNAL] Notification Request on 16/12 at 21:33:23**
Contains: Malicious Link
Screenshot of scam email: