UCSF IT Technology

Threat Alert: What to Watch For Cybercriminals are increasingly using phishing-as-a-service kits to build and distribute lookalike Microsoft Office 365 landing pages via phishing lures.  The phishing lures can be customized to have a variety of different appearances or themes.

Threat Alert: What to Watch For Cybercriminals have launched phishing attacks using malicious invoice-themed attachments to spread malicious software (malware).  The phishing attacks hijack legitimate email threads to deliver the phishing lures to further increase the believability of the attacks.

Threat Alert: What to Watch For Cybercriminals have launched multiple phishing attacks attempting to take advantage of the humanitarian crisis in Turkey and Syria following the earthquake. These attacks are intended to steal recipient’s funds or to lead to the installation of malicious software (malware).  As multiple attacks are exploiting this crisis, lures will appear different.

Threat Alert: OSHA-Themed Phishing Lures Deliver Malware

Threat Alert: What to Watch For Cybercriminals have launched a series of phishing attacks using a timely tax-themed lure.  The lures imitate the sharing of 2022 tax documents via a Citrix ShareFile link. The lures note that the download expires on April 18, 2023, the tax-filing deadline in the United States.

Threat Alert: What to Watch For Cybercriminals have launched a series of phishing attacks using timely tax-themed lures.  While the email from field says “Irs notice” and then the name of the organization, the sending address is a Madwire account. The phishing emails contain an HTML attachment allegedly containing delivery details about a tax related USPS letter.