UCSF IT Technology

Cybercriminals have launched phishing attacks impersonating Twitter Services. The emails include links to lookalike landing pages that are designed to steal Twitter credentials and phone numbers. While the email display names make it appear the messages come from “Twitter Services,” the actual sending address is a Gmail account. The emails use the proposed change at Twitter of charging verified users a monthly fee to maintain their verification status.

Threat Alert: TOAD Attack Spoofs Geek Squad Branding

Threat Alert: Eventbrite-Themed Lures Distribute Malware 

Cybercriminals have launched a campaign distributing malware with an AI-themed lure.   The lure purports to be from an “Information Technology Manager” regarding a mandatory system update for employees.  The email body directs recipients as to how they can download the new AI-powered software.

Cybercriminals have launched phishing attacks using lures that impersonate Microsoft Teams meeting invites. The lures include a malicious link.  Clicking the malicious link leads to a credential phishing kit that redirects the user to a legitimate login page.

Attackers have launched a series of phishing attacks impersonating reputable secure share providers, which are used for securely sharing files.  The lures contain links or attachments containing the supposed document.  Interacting with the link or attachment leads to the installation of credential harvesting malicious software (malwa