UCSF IT Technology

Threat Alert: What to Watch For  

Threat Alert: What to Watch For Attackers have launched a series of phishing attacks impersonating reputable secure share providers, which are used for securely sharing files.  The lures contain links or attachments containing the supposed document.  Interacting with the link or attachment leads to the installation of credential harvesting malicious software (malwa

Threat Alert: What to Watch For Cybercriminals have launched a series of phishing attacks using the promise of a paid Christmas bonus as a lure.

Threat Alert: Company Policy Phishing Lures Bypass MFA 

Threat Alert: What to Watch For Cybercriminals have launched phishing attacks using lures that impersonate Microsoft Teams meeting invites. The lures include a malicious link.  Clicking the malicious link leads to a credential phishing kit that redirects the user to a legitimate login page.

Threat Alert: What to Watch For Cybercriminals have launched phishing attacks impersonating Twitter Services. The emails include links to lookalike landing pages that are designed to steal Twitter credentials and phone numbers. While the email display names make it appear the messages come from “Twitter Services,” the actual sending address is a Gmail account. The emails use the proposed change at Twitter of charging verified users a monthly fee to maintain their verification status.

Threat Alert: What to Watch For Cybercriminals have launched phishing attacks using apparently compromised SAP Concur and DocuSign accounts to distribute malicious emails.  The phishing lures use financial themes, such as an expense report on SAP Concur or a financial settlement document on DocuSign. The lures include malicious links.

Threat Alert: What to Watch For Cybercriminals have launched phishing attacks leveraging compromised Microsoft Office 365 accounts.  The lures include .rpsmg file attachments, as well as embedded URLs hidden behind a “Read the Message” button.    Clicking the malicious link leads to a credential phishing kit that redirects the user to a legitimate login page.

Threat Alert: What to Watch For Cybercriminals have launched a series of phishing attacks using the threat of employee transfers and terminations as a lure.