UCSF IT Technology

Threat Alert: Company Policy Phishing Lures Bypass MFA 

Threat Alert: Eventbrite-Themed Lures Distribute Malware 

Threat Alert: Dual-Purpose Phish Use Blocked Email Lure

 

Threat Alert: Phishing Attacks Use Lawsuit-Themed Lures to Spread Malicious Scripts

Threat Alert: Lure Spoofs SharePoint and Financial Institution Cybercriminals have launched a series of phishing attacks imitating a financial institution. The lures use an alleged credit card transaction dispute as a theme.  While the emails claim to come from a financial institution, the email sending address does not match the email domain of the spoofed financial organization.

Threat Alert: USDA-Themed Lures Harvest Email Credentials

Threat Alert: Phishing Attacks Abuse Proofpoint Branding

Threat Alert: NHS-Themed Lures Steal Microsoft Credentials Cybercriminals have launched a series of phishing attacks using spoofed or compromised email accounts belonging to the National Health Service (NHS). These emails, which appear to come from a NHS[.]net email address, use the subject line “YOU NEED TO SETTLE THIS.” A fully capitalized subject line like this is unlikely to come from an official government institution.   The lures contain a prompt to review an alleged DocuSign document.