PRESIDENT AND ADMINISTRATIVE EMAILS
Administrative officials such as Presidents, Provosts, and similar authorities at institutions are common targets for impersonation using fake emails to solicit personal information from students and employees.
Once a hacker has access to a trusted ESU account they can access the ESU address list and email all of campus using their choice of malicious email. The phishing example below was meant to leverage a person’s financial interests.
Important Message from School's Finance Office:
The link https://funhill.com.ng/360/ likely directs you to a phishing site. Avoid it!
A common tactic we are seeing is the following format of impersonation: firstname.lastname@example.org
Official communications usually include custom headers and footers with Emporia State University graphics.
ESU employees usually include a "signature" that includes ESU graphics, detailed contact info, titles and social media. The sample above is very generic and is a clue that this is a phishing attempt.