Phishing Alert

Security Incident at City of Dallas

City of Dallas logoWe are tracking a news story about the City of Dallas. Reports indicate that the City of Dallas is experiencing service outages associated with a ransomware attack on its IT systems. We will continue to monitor the situation to ensure that SMU is not impacted, but we’ll need your help to monitor for any suspicious activity.

The cybercriminals responsible for this attack have been known to send phishing messages with malicious PDF messages attached to get inside their victim’s networks. Please continue to be vigilant for suspicious messages, and don’t open files using the .pdf file extension from people you don’t know. Also, please remember those email senders outside of SMU will automatically be tagged with the words [External Sender] to help you identify messages that may spoof real SMU users but originate outside the University.

If you have questions or concerns while monitoring your systems or supporting your users, we invite you to contact us via

More details about the event can be found at

Service outage notice on the City of Dallas homepage
The service outage notice remains on the City of Dallas homepage the Friday after the attack.

Please remember that SMU’s Office of Information Technology (OIT) will NEVER ask you to verify your account information, provide your password, or any personally identifiable information via email. Do not respond to any emails requesting this information. If you are still unsure, contact the IT Help Desk (214-768-HELP (4357) or ), and they will be happy to verify the legitimacy of the message. For more information about reporting spam or phishing, please visit

Thank you for helping to protect our accounts and SMU information.

Update 05/05/2023, 11:26 a.m.: The Dallas Morning News is reporting a group called Royal is behind the ransomware attack on Dallas.The City of Dallas homepage screenshot has been added.

Print Friendly, PDF & Email

Published by

George Finney and Ian Aberle

George Finney is the Chief Security Officer at Southern Methodist University. He is responsible for implementing and monitoring a diverse security infrastructure to protect the University network and data.