Inside Luther Seminary

Inside Luther Seminary

Office of Technology

Happy 2026! A look back at phishing and scams in 2025.

Posted on

Many Email Scams in 2025

With so many retrospectives on 2025 being published, this seems like the time to look back on the increased number of phishing attacks or money scams targeting the campus this past year. We had so many more scams in 2025 than I’ve ever seen in my 28 years in IT.  Augsburg University had a similar high amount of scams too. Here’s some reminders of scams I remember at the Seminary.

  • Fake Paypal money request scam in January
  • A “Luther Resumption Notice” phish in January
  • Fake Paypal order scam in February
  • A “Staff Intention Form” phish in August
  • A “Company Values Check-In” phish in October
  • A gift card scam from a fake President Steinke in December
  • Fake remote “Undergraduate Research Assistant” job in December

With all of these scams, there are several red flags to look for. Keep in mind that no single red flag is definite that something is a scam. But if the flags are adding up that should increase your suspicion. Some examples are

  • A deal that seems too good to be true. It often is fake.
  • A deal that is unexpected or not the norm. 
  • A deal that wants payment through an app or bank transfer or text.
  • People or names of departments are referenced that are not recognized.
  • Language that sounds a little off.
  • A sense of urgency requiring your action quickly.
  • A link to a website that requires a login or is a form that is asking for your password.
  • A From email address that is outside of Luther Seminary.

With all of these red flags, there are ways for scammers to seem legitimate.

  • With AI and information on our website, scammers can write emails that sound quite real and reference real people.
  • With phishing attacks, a phishing victim’s account can be used by a scammer to send more emails adding to the look of legitimacy.
  • Copying the look (branding) of a Luther Seminary site is not hard to do. Always pay attention to the URL (address) too.

What should I do if I get scammed?

  • If money is involved, the FTC has some recommendations to try to get it back. 
  • If you entered your password on any form or strange looking website, immediately change it on the OT Page. Never approve any Duo pushes you weren’t expecting or have a strange location
  • If you started texting with the scammer, block the number.
  • Mark the scam email as spam or phishing to train Google. Many scams are now going straight to spam and not reaching your InBox.
  • Contact the Help Desk (helpdesk@luthersem.edu). We always appreciate you forwarding emails you’re not sure about.

Disabled Accounts

Keep in mind that if we detect or if Google detects that your account has been compromised from a phish we will disable your account as quickly as we can to prevent more phishing or scam emails. What you’ll experience is that you are suddenly signed out of your account and your password doesn’t work. You’ll need to contact us (helpdesk@luthersem.edu or 651-641-3462) to regain access to your account. We will verify your identity before unlocking the account.

General Advice

The most general advice I can give you is slow down, read something more than once, and let it sit before acting.  Trust your gut – if something smells phishy it likely is a scam or phish.