UCSF IT Technology

The US Federal Trade Commission has warned of AI-enhanced voice phishing (vishing) calls impersonating loved ones in distress.  The calls use an AI system to create a believable clone of a loved one’s voice based off publicly accessible voice samples on platforms like YouTube, TikTok, or Instagram.  The impersonated individual will claim to be in distress and ask f

Scammers are creating fake customer support Twitter accounts for various banks and financial institutions.

Following the collapse of Silicon Valley Bank (SVB), cybercriminals have launched phishing attacks to take advantage of the high-profile event.  One widespread lure impersonates Circle, the peer-to-peer payments company that manages the cryptocurrency USDC. The lure encourages recipients to click an offer link to redeem a one-to-one exchange between the cryptocurrency USDC and the U.S.

Cybercriminals have launched phishing attacks using malicious invoice-themed attachments to spread malicious software (malware).  The phishing attacks hijack legitimate email threads to deliver the phishing lures to further increase the believability of the attacks.

The UCSF IT Security Awareness News You Can Use Newsletter includes monthly articles, contests, and upcoming events.  Learn about new threats and how to protect UCSF and yourself from data breaches.  You can also participate in contests to win prizes! Use Security Tools to protect your devices| Multi-factor (Duo) fatigue flyer Contest | See the latest phishing scams Read the March IT Security Awareness News You Can Use

Cybercriminals have launched numerous, different phishing attacks using timely tax-themed lures.  As multiple attacks are leveraging this topic, the lures will appear different.

Cybercriminals have launched multiple phishing attacks attempting to take advantage of the humanitarian crisis in Turkey and Syria following the earthquake. These attacks are intended to steal recipient’s funds or to lead to the installation of malicious software (malware).  As multiple attacks are exploiting this crisis, lures will appear different.

Threat Alert: What to Watch For

Cybercriminals have launched phishing attacks claiming to be senior executives offering employees a Valentine’s Day-themed reward in appreciation of their work.  The message purporting to be from executives might compel users to engage with the supposed employer-related communications.  The promise of a reward or gift for the employee’s dedication to the organization entices recipients to click