Log in to see all content. Some content is hidden to the public.
Can't find what you're looking for? Help us improve the search functionality by reporting the expected results.
97 Results
May 2023: AI-Themed Phishing Lures Distribute Threats
Threat Alert: What to Watch For Cybercriminals have launched a campaign distributing malware with an AI-themed lure. The lure purports to be from an “Information Technology Manager” regarding a mandatory system update for employees. The email body directs recipients as to how they can download the new AI-powered software.
May 2023: Phishing Attacks Impersonate Secure Share Providers
Threat Alert: What to Watch For Attackers have launched a series of phishing attacks impersonating reputable secure share providers, which are used for securely sharing files. The lures contain links or attachments containing the supposed document. Interacting with the link or attachment leads to the installation of credential harvesting malicious software (malware).
IT Administration
Administrative Services is a UCSF IT combined team providing high-touch, cross-functional human resource management and development support for IT leaders and staff across the organization.
Jun 2023: Phishing Attacks Use Compromised Microsoft Office 365 Accounts
Threat Alert: What to Watch For Cybercriminals have launched phishing attacks leveraging compromised Microsoft Office 365 accounts. The lures include .rpsmg file attachments, as well as embedded URLs hidden behind a “Read the Message” button. Clicking the malicious link leads to a credential phishing kit that redirects the user to a legitimate login page.
Jan 2023: Compensation-Themed Phishing Lures Harvest Microsoft Credentials
Threat Alert: What to Watch For Cybercriminals have launched a series of phishing attacks using timely email phishing lures related to annual compensation reviews and bonuses. The phishing emails encourage recipients to click a lure to confirm a payment-related change.
Oct 2023: Israel-Palestine Humanitarian Crisis Donation Scam
Threat Alert: Israel-Palestine Humanitarian Crisis Donation Scam
Mar 2023: Malicious OneNote Attachment Lures
Threat Alert: What to Watch For
Mar 2023: Attacks Spread Microsoft Teams-Themed Lures
Threat Alert: What to Watch For Cybercriminals have launched phishing attacks using lures that impersonate Microsoft Teams meeting invites. The lures include a malicious link. Clicking the malicious link leads to a credential phishing kit that redirects the user to a legitimate login page.
IT Finance
The IT Finance and Campus Finance teams are responsible for the stewardship of IT’s financial resources (~$300M in annual spend and ~900 FTE). We ensure both IT’s and the institution's fiscal goals are met in compliance with accounting, regulatory, and other policies.
May 2023: Phishing Kit Uses Finance-Themed Lures
Threat Alert: What to Watch For Cybercriminals are increasingly using phishing-as-a-service kits to build and distribute lookalike Microsoft Office 365 landing pages via phishing lures. The phishing lures can be customized to have a variety of different appearances or themes.