Administrative officials such as Presidents, Provosts, and similar authorities at institutions are common targets for impersonation using fake emails to solicit personal information from students and employees.

Once a hacker has access to a trusted ESU account they can access the ESU address list and email all of campus using their choice of malicious email. The phishing example below was meant to leverage a person’s financial interests.

Important Message from School's Finance Office:

The link likely directs you to a phishing site.  Avoid it!

A phishing email with a subject of Important Message from School's Finance Office

A common tactic we are seeing is the following format of impersonation:

Official communications usually include custom headers and footers with Emporia State University graphics.

ESU employees usually include a "signature" that includes ESU graphics, detailed contact info, titles and social media.  The sample above is very generic and is a clue that this is a phishing attempt.