Alerts Newsletter Phishing Social Engineering

Scam of the Month: Direct Deposit Phishing Scam Impersonating University Leadership

Chanc Impersonation Direct Deposit Phish

Members of the WashU community are receiving phishing emails impersonating university leadership, including Chancellor Martin and Dean Perlmutter. These messages request changes to direct deposit information due to suspicious activity. 

Phishing scams often impersonate people in leadership positions to encourage a heightened sense of urgency in the recipient. Additionally, information about leaders is publicly available on our website, making it easier for cybercriminals to develop a convincing impersonation. If this were a legitimate email about a direct deposit issue, the message would come from university Payroll or the WashU Workday Support Team. When you receive a message like this, verify the sender and the request using official channels and previously known or publicly available contact information. 

An example of these scam emails is below. We’ve marked up the email to emphasize phishing red flags. This is not a particularly sophisticated impersonation attempt, so these red flags are easy to spot. Impersonation attempts can be quite sophisticated, using spoofed email addresses and other convincing information.  Remain skeptical of emails requesting personal or financial information, even when they are more convincing than the message below. 

Chanc Impersonation Direct Deposit Phish

Phishing Red Flags

  1. The sender is impersonating Andrew Martin, but they are using an unknown email address. 
  2. The subject line communicates an urgent problem. 
  3. The message contains grammatical errors. 
  4. Requesting action ASAP encourages hasty action. 
  5. The signature is incomplete.

If You Receive an Email Like This

  • Do not reply to the message.
  • Do not click any links contained in the message.
  • Immediately report the message to the Office of Information Security using the Phish Alert Button (PAB). If you don’t yet have the PAB, please forward the email as an attachment to

Additional Information About Identifying and Reporting Phishing Emails