UCSF IT Technology

Cybercriminals have launched phishing attacks using apparently compromised SAP Concur and DocuSign accounts to distribute malicious emails.  The phishing lures use financial themes, such as an expense report on SAP Concur or a financial settlement document on DocuSign. The lures include malicious links.

Threat Alert: TOAD Attack Spoofs Geek Squad Branding

Threat Alert: Eventbrite-Themed Lures Distribute Malware 

Cybercriminals have launched phishing attacks using malicious invoice-themed attachments to spread malicious software (malware).The phishing attacks hijack legitimate email threads to deliver the phishing lures to further increase the believability of the attacks. This means the lures may appear to be response to previous, legitimate email conversations.The malicious attachments used in this campaign are extremely large, zipped Microsoft Word files.

Cybercriminals have launched multiple phishing attacks attempting to take advantage of the humanitarian crisis in Turkey and Syria following the earthquake. These attacks are intended to steal recipient’s funds or to lead to the installation of malicious software (malware).  As multiple attacks are exploiting this crisis, lures will appear different.