Sep 2023: Credential Phishing Lure Imitates SharePoint and Financial Institution
Threat Alert: Lure Spoofs SharePoint and Financial Institution Cybercriminals have launched a series of phishing attacks imitating a financial institution. The lures use an alleged credit card transaction dispute as a theme. While the emails claim to come from a financial institution, the email sending address does not match the email domain of the spoofed financial organization.
Aug 2023: USDA-Themed Lures Use Embedded URLs, QR Codes to Harvest Email Credentials
Threat Alert: USDA-Themed Lures Harvest Email Credentials
Aug 2023: Phishing Attacks Abuse Proofpoint Branding
Threat Alert: Phishing Attacks Abuse Proofpoint Branding
Aug 2023: Lawsuit-Themed Lures Spread Malware
Threat Alert: Phishing Attacks Use Lawsuit-Themed Lures to Spread Malicious Scripts
Report a Security Incident
Steps to follow Report anything that causes concern Immediately contact the UCSF Service Desk to report an information security problem or a possible or potential information security problem. Phone: 415-514-4100 Email: [email protected] Web: http://help.ucsf.edu
Aug 2023: Geek Squad-Themed Lures Used in TOAD Attacks
Threat Alert: What to Watch For Recent phishing emails are masquerading as notifications alerting the recipient to an automatic renewal of Best Buy’s Geek Squad Total Protect & Webroot Advance Threat Protection. The emails, however, do not use Best Buy sending addresses. Unlike many traditional phishing attacks, the emails do not include malicious links or attachments.
Jul 2023: Phishing Attacks Use Fight-Themed Lure to Spread Malware
Threat Alert: What to Watch For Cybercriminals have launched a series of phishing attacks that claim to inform the recipient of physical altercations between employees and equipment damage at a worksite. The lures include a malicious attachment allegedly containing a video of the altercation.
Jun 2023: Phishing Attacks Use Compromised Microsoft Office 365 Accounts
Threat Alert: What to Watch For Cybercriminals have launched phishing attacks leveraging compromised Microsoft Office 365 accounts. The lures include .rpsmg file attachments, as well as embedded URLs hidden behind a “Read the Message” button. Clicking the malicious link leads to a credential phishing kit that redirects the user to a legitimate login page.
Jul 2023: HR Themed Phishing Attacks
Threat Alert: What to Watch For Cybercriminals have launched series of phishing attacks claiming to be from the recipient’s HR department. The lures use a variety of sender names like HR Alerts or HR Department; however, the actual sending address is not associated with a recipient’s company or HR department.