Posts written by gerwitz

bugs in your site

February 29, 2024

This is a new type of Phish where the person is offering up their services to help identify some vulnerabilities. They are hoping you will pay them for the information they give you. If not, they are counting on you feeling like they will exploit the vulnerabilities if you don’t pay. There are actually some […]


Apply Now

February 2, 2024

A quick browser search using the domain name iconpln.co.id and Red Cross shows a number of companies/universities reporting this phish. The Red Cross uses their own domain name for correspondence; their email address format is FirstName.LastName@redcross.org. Any email coming from the Red Cross would be using that format with redcross.org. The link points to arc-careers.com. […]


Suspicious Login Detected

January 2, 2024

This email is designed to have you access the PDF file in someone’s Google Drive or contact the email address to find out what to do next. This is a scam and the PDF file probably has malicious code. See the Red Flags listed below for information on why this is not a legitimate email. […]


Generous Christmas Gift

January 2, 2024

This has been identified as a Phishing Email. Here are the Red Flags to look for in this email. Unexpected Offer: The email presents an unusually generous offer, which is a common tactic used in phishing to lure individuals with the promise of high-value items for free. Generic Greeting: The email starts with a generic […]


Flexible Home Job

December 21, 2023

This email is an attempt to start a conversation where the sender will gather information used in applying for a job. In the past, we have seen the sender then ask for copies of Driver’s License and Social Security Card. This is designed to gather as much Personal Identifiable Information (PII). This information will be […]


Invoice Payment Confirmed…Settled…Dispatched

December 19, 2023

This Phishing email has a couple of different subject lines but they all have the same goal – make the recipient think they had already payed for items they didn’t order. The end goal is to get the recipient to call the phone number to have the payment rescinded. The person answering the phone will […]


Reset DD

December 14, 2023

This email originated from outside the university but it looked like it was coming from an employee because the scammers used an employee’s name in the signature line. The domain defenceantivirus.com was checked against a site which detects malware on domains and found to have a lot of malware. Anytime Direct Deposit is mentioned in […]


Confidential Message

December 14, 2023

This email asks the recipient to email a code to a specific address to read a confidential message. The email doesn’t include any information to help the recipient know what this is in reference to and it is asking the recipient to email a random, free, Gmail account. The email address listed as sender is […]


Overdue Invoices

December 14, 2023

This email looks like it is coming from UT Health San Antonio but the email address has nothing to do with UTHSA. There is a zero used in the name Statement-0f-Account, probably to get around filters. The attachment has malware and will infect a device if downloaded. Remember to never open an attachment unless you […]


Review your payment or Check out your purchase details

December 7, 2023

There are a couple of versions of this Phishing Scam going around. The idea is to get the recipient to believe they have been charged for something they never purchased, so they will contact the sender to clear up the issue. The sender will be very helpful and ask personal questions to help “clear up […]