Owens FAQ
Search:     Advanced search

WARNING! Second Phishing Attempt!

08 Apr, 2014

Owens Faculty/Staff members,

Another recent surge in malware threats has occurred at Owens.  Hopefully you are aware from past ITS messages that there are many forms of email threats.  The most prevalent is still the embedded link.  In the last two weeks, ITS has become aware of a different type of threat in the form of an email attachment.  These attachments can be executable files (.exe or .com) masquerading as simple PDF files.

The most recent threat seems to be in the form of a compressed (.zip) file attachment “Invoice001_02.zip”, or something similar.  The message was sent to an authentic Owens employees email address, and you were likely BCC'd: in the message.  The sender's address "From" is: Bankline.Administrator@rbs.co.uk .  Be aware that the subject of the message, senders address or .zip file attachment names can vary as well.   

Opening the attached zipped files can potentially be extremely damaging.  Local files on the PC and even shared network drives can become damaged and no longer accessible for all users of the shared resource.  One specific virus that's been identified recently falls into the category of "ransomware".  When the file attachment is opened, it will encrypt files on the local PC as well as any attached network drives.  It will then pop-up a message on the PC with a ransom demand for a code to decrypt the files in the next 72 hours. Failure to pay the ransom will render the files permanently useless.

When you check messages in your personal quarantine (MailStore - in Ozone), please be very suspect of any message captured in this quarantine.  Messages in MailStore are rated with a SPAM score from 1 - 10, with 10 being the highest threat.  Any message with an attachment that is released from MailStore should have the attachment scanned before opening.  If you are not expecting a message from a sender, or the senders address appears a bit odd or unrecognizable, please contact the IT Help Desk at x7120 before opening any attachments or clicking on the email link.  It would be a good practice to contact the sender and verify that they sent you the message in question if you’re not completely sure about its origin or validity.


PHISHING EMAIL:

From: 

To:  Michael Lastname

BCC:  yourname@owens.edu

Subject:  Outstanding Invoice

Dear michael_Lastname,

Please find the attached copy invoice which is showing as unpaid on our ledger.

I would be grateful if you could look into this matter and advise on an expected payment date .

Many thanks,

Sara Kent

Credit Control

Tel: 0845 300 2952

Attachment : Invoice001_027495 .zip


If you replied or clicked on the link in the email, please reset your password and then contact the IT Help Desk.

Related Articles: