You are here

Be aware of the latest phishing emails

Tue, 06/21/2022 - 10:14am -- David Savoie

Active Account Validation

Yet another attempt to gain access to user accounts has been received by campus email

This one is sent from a valid campus email address which had been compromised.  There is one one link in the email, which if you HOVER over the link, displays it links to a suspicious looking, non-campus address.  

This is a phishing attempt and should be deleted.  If you clicked on the link and provided information on the resulting page, you should change your password immediately and contact the IT Service Desk for futher assistance. 



Identity Management System - Password Expiration Notice

This is an example of the latest phishing scam attempt sent as an email to many campus customers.  With a few tricks, you can see the warning flags on this attempt:


First, if you HOVER your mouse over any of the links in the email, highlighted in yellow in the image, you will notice a "callout" which describes the link. While the text displayed leads you to believe it is from the University, the link address is not a address. This is usually an indication the email is an attempt to get your information.

Second, email addresses in the "to" and from", highighted green in the image, indicate a non recipient in this case.  While this characteristic doesn't always give a clear warning, it is a good idea to be wary of emails containing non-UL addresses.  This particular attempt is tricky because it does appear to come FROM an address.  Don't just rely on one or two attributes, pay attention to the entire email.

Third, the message body of this email contains a phrase meant to alarm you to act quickly, highlighted in blue in the image.  Scammers will prey upon your conern that you are about to lose access to your information.  "Act Now!", or "Final", or "You will lose access" are words designed to trigger a sense of urgency to make you act quickly and possibly ignore other warning signs.

The links in this particular email have been rendered safe by the email administration team.  

ALWAYS, if in doubt, forward the suspected email to and don't click on any links in the email and do not provide any requested information, if you do click the links, until you have been notified the email is legitimate.  If it is a phishing email, delete it after reporting it.

You can also contact the IT Service Desk at, or 3374824357, if you have any questions.

What is an Overpayment Scam?

Overpayment scams offer you an opportunity to make a couple hundred dollars to have your car wrapped in advertisements. The scammer will send you a fake check for thousands of dollars for you to deposit the money into your account, keep your portion, and forward the remaining dollars back to the scammer. By the time the scammer receives your money, the bank will realize the check was fake, and you will have lost the entirety of the money you sent.

Learn how to spot a car wrap scam on the Federal Trade Commission website.


What is a Part-time Job Scam?

Scammers will claim to be from UN UNICEF or Heal Torture Aid and will offer you an opportunity to make some money. These scams work just like overpayment scams. The scammer will send you a fake check to deposit into your account and will ask you to keep your portion and forward the remaining dollars back to them. The scammer will receive your money, the initial check won't clear the bank, and you will lose the money you sent.

Learn more about part-time job scams on the Federal Trade Commission website.

What are phishing scams?

Phishing scams use email and fraudulent websites to trick you into disclosing personal financial or identity information, such as credit card or Social Security numbers, user names, passwords, and addresses.

How do I know it's a phishing email?

The Federal Trade Commission has information to help you learn how to recognize and avoid phishing scams.

The University suggests the following tips:

  • Before clicking on a link in any email, hover over the link to see where it is actually going.
  • Do not rely on the text of the link. Emails from the University will link to pages with a "" address.
  • If you are ever in doubt, forward the email to


I received a phishing email, what do I do?

Do not open it; delete it immediately.

I'm concerned my account may have been compromised, what should I do?

If you are concerned that your account may have been compromised, immediately change your ULID password. If you have questions or concerns, contact the IT Service Desk at or (337) 482-4357.

How can I better protect myself from phishing scams?

Everfi offers employees an online security course through Cornerstone titled Checkpoint: Data Security and Privacy. The free course will teach you how to recognize and respond to potential cyberattacks. Specific topics include phishing, pharming, social engineering, secure wireless connections, creating strong passwords, encryption, safe browsing, and watering hole attacks. Learn more about accessing the course.

Learn more about phishing scams.

If you have questions or concerns, contact the IT Service Desk at or (337) 482-4357.