UCSF IT Technology

Cybercriminals have launched phishing attacks impersonating Twitter Services. The emails include links to lookalike landing pages that are designed to steal Twitter credentials and phone numbers. While the email display names make it appear the messages come from “Twitter Services,” the actual sending address is a Gmail account. The emails use the proposed change at Twitter of charging verified users a monthly fee to maintain their verification status.

Attackers have launched a series of phishing attacks impersonating reputable secure share providers, which are used for securely sharing files.  The lures contain links or attachments containing the supposed document.  Interacting with the link or attachment leads to the installation of credential harvesting malicious software (malwa

Cybercriminals have launched phishing attacks using lures that impersonate Microsoft Teams meeting invites. The lures include a malicious link.  Clicking the malicious link leads to a credential phishing kit that redirects the user to a legitimate login page.

Threat Alert: Bonus-Themed Lures Harvest Credentials 

Cybercriminals have launched a series of phishing attacks imitating a financial institution. The lures use an alleged credit card transaction dispute as a theme.  While the emails claim to come from a financial institution, the email sending address does not match the email domain of the spoofed financial organization.

Threat Alert Phishing Attacks Impersonate Philippine Agency

Cybercriminals have launched phishing attacks using apparently compromised SAP Concur and DocuSign accounts to distribute malicious emails.  The phishing lures use financial themes, such as an expense report on SAP Concur or a financial settlement document on DocuSign. The lures include malicious links.

Cybercriminals have launched a series of phishing attacks using the threat of employee transfers and terminations as a lure.