Clues that it is a phishing message:

• The sender is spoofing an SMU email account. Internal SMU emails would not be marked as “External Sender.”
• Generic greeting using Southern Methodist University as the recipient’s name.
• The contact phone number is not using a local area code.
• While there are no clickable links in this message, they are waiting for the user to respond to see if they took the bait. More information on this type of phishing is available at https://blog.smu.edu/itconnect/2019/01/25/gift-card-phishing-scam-fake-supervisor-email-address/

What to do now?

If you are the recipient of this scam or a similar one, please DO NOT respond any further or click on any URLs you may have been sent. If you have provided any banking or financial information, please notify your bank or financial institution immediately. If you have been sent a check, you should not attempt to cash or deposit it. If you have deposited the check already, please get in touch with your bank immediately and tell them that it may be part of a scam.

Whether or not you responded to the scam, please forward the message (with the email headers) to spam@smu.edu. We will also keep track of any other information you submit about the scammers, such as their phone numbers. If you were sent a check or any other materials, please send pictures of it and the envelope in which it was received to infosec@smu.edu.

How do I forward full email headers?

Full instructions for How to Forward an Email as Attachment are available at smu.edu/spam.