Jun 2023: Hijacked Email Threads Spread Malicious Software

Threat Alert: What to Watch For

  • Cybercriminals have launched phishing attacks that hijack legitimate email threads to deliver malicious URLs. Hijacking an existing thread makes the attacks more believable: the lures may appear as responses to previous, legitimate email conversations.
  • The phishing lures contain disguised URLs that are made to look legitimate.  
  • The URLs redirect to a download of an executable (.exe) file onto the visitor’s computer. Running the file installs malicious software (malware).

Key Action: Report Suspicious Emails

  • Report ANY suspicious emails using the Phish Alarm button in your email menu bar. 
  • Remember: Our organization occasionally sends phishing simulations that are used to evaluate the potential impact of a real phishing attack. Report any emails that match the tactics described above. 
  • If a reported message is a simulation, you will see a notification telling you so. No further action is needed on your part.
  • If a reported message was not a simulation, and you are concerned about a time-sensitive request, you must take additional steps to verify the email is valid before acting on it. 

Tips to Remember (at Work and at Home)

  • Go beyond surface clues. Familiar logos, branding, and names are not automatic indicators that an email or website is safe. Cybercriminals often imitate well-known organizations.  
  • Verify URLs, even if they’re sent through or posted to an internal cloud system or email platform. It’s possible for internal accounts to be compromised. In these cases, internal emails that appear to come from legitimate employees will have malicious intent. These are very hard to spot, but your attention to detail can help.
  • Email replies from trusted accounts can be malicious. Some phishing attacks compromise legitimate accounts and reply to existing conversations to appear more believable. Always verify the legitimacy of unexpected URLs from trusted sources through a different means of communication, such as a phone call or an in-person conversation.