Information Technology Services reminds you to be wary of suspicious-looking emails that may appear to come from a WVU official or employee seeking a favor. These are scams aimed at stealing money, gift cards or sensitive information.  

Unlike generic phishing emails, these so-called spear phishing emails are harder to detect because they include details that are specific to you or your role on campus. They may seem like genuine requests, but there are usually clues they aren’t: 

Spear phishing emails often:

• Have a fake email address or link that is cleverly disguised to appear to be from an official WVU source (i.e. presidentsofficewvu@gmail.com or www.login.wvu.edu0.in). Slow down, check the return address and hover over embedded links to see where the information is really going.
  
• Contain a threat or warning of severe consequence if you do not act immediately with subject lines like “Very Urgent” or even “Help.” But sometimes, they just say “Hello.” 
  
• Request immediate payment through wire transfer, Western Union, money order, gift cards, bitcoin or reloadable debit card.
  
• Have poorly formatted text, questionable grammar or use strange phrases. No one who works at WVU would call us The University of West Virginia, for example, or refer to you as “User” instead of your name.
  

When you receive a suspicious email that has some or all of these signs, be skeptical. Would your dean really ask you to purchase gift cards while she was in an all-day meeting? Would President Gee ask you directly about the status of a vendor payment? Chances are, those emails are scams.
When in doubt, contact the person directly to confirm the request is legitimate and forward the email as an attachment to ITS at defendyourdata@mail.wvu.edu for analysis.