January 2024 - Phish Bowl

Kindly review changes and amendments in Uthscsa policy

January 25, 2024

This phishing email attempts to impersonate UTHSCSA HR department and direct employees to review a policy update through a QR code. The QR Code redirects to a known Russian based phishing campaign site. The key red flags are as follows: External Sender Address: The email claims to be from UTHSCSA HR but is sent from […]

uthscsa.edu TODAY

January 23, 2024

This email is an example of an attempt to harvest logon credentials by impersonating the UTHSCSA Support desk and prompting users to logon to the malicious link. The key red flags are the following: External Sender Address: The email comes from an external domain with to relation to UT Health. This is a major red […]

Office 365 Expires Today

January 18, 2024

This email is a phishing attempt posing as an Office 365 expiration alert that uses urgency to prompt immediate action. The sender’s address and mismatched domain aim to deceive the recipient, while a conspicuous call-to-action button seeks to harvest credentials. Grammatical errors and external email warnings are telltale signs of its illegitimate nature. Below are […]

ndcourts.gov

January 12, 2024

This email serves as a perfect example of the use of compromised or spoofed domains. The email appears to come from a legitimate .gov domain (ndcourts.gov). Government domains, such as .gov, inherently carry a sense of authority and trustworthiness. Users are more likely to believe the authenticity of an email sent from a .gov address, […]

System Notifications | Uthscsa

January 9, 2024

This is an example of a more targeted attack, in which the attackers attempted to imitate an official Uthscsa notification targeted at a specific user. Below are the red flags to identify this phishing attempt: Suspicious Sender Address: The sender’s email address doesn’t match the official domain of the organization it’s supposedly sent from; it’s […]

New Teams Document in Uthscsa Teams

January 9, 2024

Review the Red Flags that show this email is a Phish/Malware: Sender’s Email Address: The sender’s address appears suspicious and does not match the official email format of the purported organization (Microsoft Teams in this case). Mismatched URL: The displayed URL text and the actual hyperlink (shown by the red arrow) do not match, and […]

Suspicious Login Detected

January 2, 2024

This email is designed to have you access the PDF file in someone’s Google Drive or contact the email address to find out what to do next. This is a scam and the PDF file probably has malicious code. See the Red Flags listed below for information on why this is not a legitimate email. […]

Generous Christmas Gift

January 2, 2024

This has been identified as a Phishing Email. Here are the Red Flags to look for in this email. Unexpected Offer: The email presents an unusually generous offer, which is a common tactic used in phishing to lure individuals with the promise of high-value items for free. Generic Greeting: The email starts with a generic […]