uthscsa.edu TODAY
Published On: January 23, 2024
Shared by soukupg
This email is an example of an attempt to harvest logon credentials by impersonating the UTHSCSA Support desk and prompting users to logon to the malicious link. The key red flags are the following: External Sender Address: The email comes from an external domain with to relation to UT Health. This is a major red […]
Read more
Office 365 Expires Today
Published On: January 18, 2024
Shared by soukupg
This email is a phishing attempt posing as an Office 365 expiration alert that uses urgency to prompt immediate action. The sender’s address and mismatched domain aim to deceive the recipient, while a conspicuous call-to-action button seeks to harvest credentials. Grammatical errors and external email warnings are telltale signs of its illegitimate nature. Below are […]
Read more
ndcourts.gov
Published On: January 12, 2024
Shared by soukupg
This email serves as a perfect example of the use of compromised or spoofed domains. The email appears to come from a legitimate .gov domain (ndcourts.gov). Government domains, such as .gov, inherently carry a sense of authority and trustworthiness. Users are more likely to believe the authenticity of an email sent from a .gov address, […]
Read more
System Notifications | Uthscsa
Published On: January 9, 2024
Shared by soukupg
This is an example of a more targeted attack, in which the attackers attempted to imitate an official Uthscsa notification targeted at a specific user. Below are the red flags to identify this phishing attempt: Suspicious Sender Address: The sender’s email address doesn’t match the official domain of the organization it’s supposedly sent from; it’s […]
Read more
New Teams Document in Uthscsa Teams
Published On: January 9, 2024
Shared by soukupg
Review the Red Flags that show this email is a Phish/Malware: Sender’s Email Address: The sender’s address appears suspicious and does not match the official email format of the purported organization (Microsoft Teams in this case). Mismatched URL: The displayed URL text and the actual hyperlink (shown by the red arrow) do not match, and […]
Read more
Suspicious Login Detected
Published On: January 2, 2024
Shared by gerwitz
This email is designed to have you access the PDF file in someone’s Google Drive or contact the email address to find out what to do next. This is a scam and the PDF file probably has malicious code. See the Red Flags listed below for information on why this is not a legitimate email. […]
Read more
Generous Christmas Gift
Published On: January 2, 2024
Shared by gerwitz
This has been identified as a Phishing Email. Here are the Red Flags to look for in this email. Unexpected Offer: The email presents an unusually generous offer, which is a common tactic used in phishing to lure individuals with the promise of high-value items for free. Generic Greeting: The email starts with a generic […]
Read more
Flexible Home Job
Published On: December 21, 2023
Shared by gerwitz
This email is an attempt to start a conversation where the sender will gather information used in applying for a job. In the past, we have seen the sender then ask for copies of Driver’s License and Social Security Card. This is designed to gather as much Personal Identifiable Information (PII). This information will be […]
Read more
Invoice Payment Confirmed…Settled…Dispatched
Published On: December 19, 2023
Shared by gerwitz
This Phishing email has a couple of different subject lines but they all have the same goal – make the recipient think they had already payed for items they didn’t order. The end goal is to get the recipient to call the phone number to have the payment rescinded. The person answering the phone will […]
Read more
Reset DD
Published On: December 14, 2023
Shared by gerwitz
This email originated from outside the university but it looked like it was coming from an employee because the scammers used an employee’s name in the signature line. The domain defenceantivirus.com was checked against a site which detects malware on domains and found to have a lot of malware. Anytime Direct Deposit is mentioned in […]
Read more