UCSF IT Technology

Cybercriminals have launched phishing attacks leveraging compromised Microsoft Office 365 accounts.  The lures include .rpsmg file attachments, as well as embedded URLs hidden behind a “Read the Message” button.    Clicking the malicious link leads to a credential phishing kit that redirects the user to a legitimate login page.

What’s Happening:We are upgrading Office 2016/2019 (32 Bit) to Office 2021 (64 Bit) on Windows computers.  Computers with Office 365 are not affected.  Why:Office 2016/2019 will reach the End-of-Support (EOS) on October 14, 2025.  Microsoft will no longer provide updates after this date.  How:

Cybercriminals are increasingly using phishing-as-a-service kits to build and distribute lookalike Microsoft Office 365 landing pages via phishing lures.  The phishing lures can be customized to have a variety of different appearances or themes.

Threat Alert: USDA-Themed Lures Harvest Email Credentials

Please note that this is not an all-inclusive list of all of the phishing and social engineering threats but rather ones that are typical of current threats and/or ones that impacted UCSF staff, faculty, and/or learners (must be logged in to MyAccess to view). Be diligent with all communications, and please, even if you think an email might be a phish, report it via Phish Alarm and find out almost instantly in most cases.