Skip to Content
Department of Information Technology

Cybersecurity Alert: Increase in Phishing Scams

warning email icon on a laptopThe Department of Information Technology warns the Seton Hall community of a surge in phishing scams designed to steal personal and financial information. These attacks often occur during busy academic periods, such as the start of a semester or around financial aid deadlines, when students, faculty, and staff are managing multiple priorities. Staying alert is essential to protect both personal and University data.

Phishing attacks often involve emails that that appear legitimate, prompting users to click on links or share sensitive information. Scammers commonly use urgent language about account issues, financial aid or refunds to pressure users into acting without caution.

Common Phishing Scams

  1. Fake Google Forms: Scammers send emails containing links to fake Google Forms that request urgent personal or financial information. These forms often mimic the University’s branding, using official colors, logos and names to appear legitimate.

  2. Website Cloning: Attackers copy the University login page and redirect users to fraudulent websites to steal login credentials.

  3. Two-Step Attacks: Attackers first target faculty and staff with fake emails about raises or bonuses to steal credentials. Compromised accounts are then used to send job or financial aid scams to students.

  4. Financial Fraud: Criminals gain access to email accounts and redirect legitimate payments, such as financial aid or refunds, to their own accounts. They monitor email activity to learn financial processes and then impersonate University staff to send convincing requests for payment changes, leading users to unknowingly transfer funds. These funds are quickly moved across multiple accounts, making recovery difficult.

Protect Yourself from Phishing

  • Enable Multi-Factor Authentication (MFA): MFA adds an additional layer of security. Even if your password is compromised, attackers cannot access your account without the second verification step.

  • Avoid Clicking Suspicious Links: Hover over links to confirm they lead to official Seton Hall pages. Be cautious of emails claiming your account is expiring or requesting information through unfamiliar forms.

  • Be Suspicious of Urgent or Unfamiliar Requests: Messages about bonuses, job offers or sudden financial changes may indicate a scam.

  • Never Share your Passwords: No Seton Hall staff member will ask you to share passwords or enter them into Google Forms or other insecure platforms. If you suspect your account is compromised, change your password immediately.

  • Report Suspicious Activity: Use the Report Phishing button in Outlook to report suspected phishing emails to IT Security. Contact the Department of Information Technology by submitting a service desk ticket on the Technology Service Desk portal if you suspect your account has been compromised.

Phishing threats continue to evolve, but simple precautions make a big difference. Take time to review emails carefully, question unusual requests and use security tools like MFA to keep your accounts safe. If something feels off, trust your instincts and report it.

Categories: Science and Technology

For more information, please contact:

NEWS CATEGORIES