MyUT_Health-IMS Email Confirmation

The email below has been confirmed as malicious or fraudulent by the Information Security department. If you have received this phishing email, do not open any attachments or follow the link(s) in the message; simply delete the email.

This email is dangerous because it lacks the usual red flags. Its only red flag was that it was sent outside of normal business hours. This tactic targets mobile users, making it easier to overlook other warning signs.

There is an embedded image with a hidden malicious link in the body of the email.

Screenshot of email

The primary aim was to capture employees’ login credentials and mobile phone numbers.

Attack Mechanism:
Upon clicking the link in the image, users were directed to a fraudulent page prompting them to enter their login details and mobile number.
The attackers then utilized the stolen credentials and phone number to initiate a Duo 2FA phone call, which unsuspecting users approved.
This granted the attackers access to change account passwords and modify bank direct deposit information.

Screenshot of malicious logon page.
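
The two traits described above for the email itself, a send time outside business hours and an image wrapped in a link, can be checked mechanically during mail triage. The following Python is an added example, not code from the Information Security department; the trusted domain, the business-hours window and the sample message are assumptions constructed for illustration.

```python
from email import message_from_string
from email.utils import parsedate_to_datetime
from html.parser import HTMLParser
from urllib.parse import urlparse

TRUSTED = ("example.edu",)     # assumption: the organization's own domains
WORK_HOURS = range(8, 18)      # assumption: 08:00-17:59, Mon-Fri, in the Date header's offset

class LinkedImages(HTMLParser):
    """Collect the href of every <a> element that wraps an <img>."""
    def __init__(self):
        super().__init__()
        self.open_hrefs, self.found = [], []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.open_hrefs.append(dict(attrs).get("href") or "")
        elif tag == "img" and self.open_hrefs:
            self.found.append(self.open_hrefs[-1])
    def handle_endtag(self, tag):
        if tag == "a" and self.open_hrefs:
            self.open_hrefs.pop()

def is_trusted(url):
    host = (urlparse(url).hostname or "").lower()
    return any(host == d or host.endswith("." + d) for d in TRUSTED)

def triage(raw):
    """Return the two indicators from this advisory for one raw RFC 5322 message."""
    msg = message_from_string(raw)
    sent = parsedate_to_datetime(msg["Date"])
    finder = LinkedImages()
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            body = part.get_payload(decode=True)
            finder.feed(body.decode(part.get_content_charset() or "utf-8", "replace"))
    off_hours = sent.weekday() >= 5 or sent.hour not in WORK_HOURS
    external = [u for u in finder.found if not is_trusted(u)]
    return {"off_hours": off_hours, "external_image_links": external}

# Constructed sample message (not the email from the advisory).
SAMPLE = """\
Date: Sat, 06 Apr 2024 02:14:00 -0500
Content-Type: text/html; charset="utf-8"

<a href="https://login.phish.example/confirm"><img src="cid:banner" alt="Confirm"></a>
<a href="https://www.example.edu/help"><img src="cid:logo"></a>
"""

if __name__ == "__main__":
    print(triage(SAMPLE))
```

Either indicator alone is weak; together they match the pattern in this advisory and justify a closer look before the message reaches mobile inboxes.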

 
