UCSF IT Technology

Cybercriminals have launched a series of phishing attacks that claim to inform the recipient of physical altercations between employees and equipment damage at a worksite.  The lures include a malicious attachment allegedly containing a video of the altercation.

Cybercriminals have launched phishing attacks leveraging compromised Microsoft Office 365 accounts.  The lures include .rpsmg file attachments, as well as embedded URLs hidden behind a “Read the Message” button.    Clicking the malicious link leads to a credential phishing kit that redirects the user to a legitimate login page.

Attackers have launched a series of phishing attacks impersonating reputable secure share providers, which are used for securely sharing files.  The lures contain links or attachments containing the supposed document.  Interacting with the link or attachment leads to the installation of credential harvesting malicious software (malwa

Cybercriminals have started using the URL shortening service clck[.]ru in widespread phishing attacks in April.  The nature of these attacks and the lures used vary greatly.

Cybercriminals have launched a series of phishing attacks using an emailed fax of an alleged paycheck as a lure.

Cybercriminals have launched a series of phishing attacks using the promise of a paid Christmas bonus as a lure.

Cybercriminals have launched a series of malicious email attacks impersonating an Amazon package order confirmation. The attack uses Amazon-branded emails delivered from a Zoom sending address, as threat actors are abusing Zoom’s infrastructure. The emails prompt recipients to click a link to download an invoice for order details.

The link to the quiz is at the end of the article. Everyone who passes during July is entered to win one of six grand prizes!

Cybercriminals have launched phishing attacks that hijack legitimate email threads to deliver malicious URLs. Attackers hijack email threads to further increase the believability of the attacks.