UCSF IT Technology

Recent email-based attacks have used compromised Microsoft OneDrive accounts to send phishing emails. These emails encourage recipients to click a link to view a shared document. The OneDrive links lead targets to shared PDF documents containing quick response (QR) codes.

Cybercriminals have launched a series of malicious email attacks impersonating an Amazon package order confirmation. The attack uses Amazon-branded emails delivered from a Zoom sending address, as threat actors are abusing Zoom’s infrastructure. The emails prompt recipients to click a link to download an invoice for order details.

Threat Alert: What to Watch For

Cybercriminals have launched a series of phishing attacks using the promise of a paid Christmas bonus as a lure.

Cybercriminals have launched a campaign distributing malware with an AI-themed lure.   The lure purports to be from an “Information Technology Manager” regarding a mandatory system update for employees.  The email body directs recipients as to how they can download the new AI-powered software.

Cybercriminals have launched phishing attacks impersonating Twitter Services. The emails include links to lookalike landing pages that are designed to steal Twitter credentials and phone numbers. While the email display names make it appear the messages come from “Twitter Services,” the actual sending address is a Gmail account. The emails use the proposed change at Twitter of charging verified users a monthly fee to maintain their verification status.