March 28, 2024

This email attempts to impersonate a legitimate employee by using a real employee name, but originates from a suspicious external domain. There are many variation of this email utilizing different employee names. It is likely that the attacker is using publicly available directory information to target employees within a department by using a familiar name. […]

Document from HP LaserJet Pro Scanner

March 26, 2024

This email attempts to impersonate a notification from HP alerting the recipient that they have received a scanned document. The word document contained in the email contains a link to a website which attempts to impersonate hp.com. The URL was found to contain malware. Below are the red flags: Suspicious Attachment: Attachments are the most […]

Asset Works: User Password Expiration – Reminder

March 7, 2024

This email originates from awsupport@assetworks.com, which is a legitimate Asset Works account. Asset Works is software development company whose products are used by UT Health San Antonio for fleet vehicles and the gas needed for them. However, due to the suspicious nature and recent proliferation of these emails to various faculty outside the fleet vehicle […]