UCSF IT Technology

Cybercriminals have launched a campaign distributing malware with an AI-themed lure.   The lure purports to be from an “Information Technology Manager” regarding a mandatory system update for employees.  The email body directs recipients as to how they can download the new AI-powered software.

Cybercriminals have launched a series of phishing attacks using a timely tax-themed lure.  The lures imitate the sharing of 2022 tax documents via a Citrix ShareFile link. The lures note that the download expires on April 18, 2023, the tax-filing deadline in the United States.

Cybercriminals have launched Okta-branded phishing attacks encouraging recipients to follow a link to resynchronize their Okta and Microsoft accounts.   Clicking on the link leads to a credential phishing kit that redirects the user to a lookalike Microsoft login page.

Cybercriminals have launched phishing attacks using lures that impersonate Microsoft Teams meeting invites. The lures include a malicious link.  Clicking the malicious link leads to a credential phishing kit that redirects the user to a legitimate login page.

Cybercriminals have launched a series of phishing attacks using the threat of employee transfers and terminations as a lure.

Cybercriminals have launched series of phishing attacks claiming to be from the recipient’s HR department. The lures use a variety of sender names like HR Alerts or HR Department; however, the actual sending address is not associated with a recipient’s company or HR department.

Cybercriminals have launched phishing attacks abusing legitimate tools that are used to direct web traffic.  Phishing lures contain an embedded URL that leads to a lookalike Google Chrome update site.  Downloading the fake Google Chrome update installs a legitimate tool used for remotely monitoring and supporting computers.

Threat Alert: What to Watch For