A sample of a legitimate email from the Nelnet Learning Portal prompting the user to register for PCI DSS training is below.
Email Subject = University of New Hampshire - PCI DSS Training Enrollment
Email Text
CAUTION: This email originated from outside of the University System. Do not click links or open attachments unless you recognize the sender and know the content is safe.
Hi <recipient first name>,
Annual PCI DSS training is one of the requirements that falls under our overall compliance. This is a reminder that you have been enrolled in the following required training course and have been requested to complete this within 3 weeks of enrollment.
University of New Hampshire - PCI DSS Compliance Training
As part of the University of New Hampshire's requirements, you were enrolled in the course on <original enrollment date> and have not yet completed the assigned course. You should have previously received an email with instructions for accessing the online training, as well as a username and password for logging into it. For your reference, that information is included here below:
To access the course, please click on this link below or type it into your browser's address bar:
[link removed]
Username: <username>
Password:
• If you have previously taken this course, then please use the password you set for yourself during that session. If you forgot your password, please click the "Forgot Password" link.
• If you have NOT taken this course before, the default password is: <default password>
• Upon login, you will be prompted to change your password to something personal for future access.
If your job responsibilities have changed and you are no longer involved with handling payment cards, please contact your Supervisor/Manager with any questions. They will address the issue or forward to the appropriate individuals for resolution.
The PCI Steering Committee thanks you in advance for your participation.
Ìý