
Tuesday, October 27, 2015

Phishing Example 114: (umn.edu) email quota

Received October 2015

From: Help | IT@UMN
Date: Tue, Oct 27, 2015 at 6:16 AM
Subject: *****SPAM***** (umn.edu) email quota
To:
 
 
Dear umn.edu Account User,



You have exceeded your (umn.edu) email quota, Click on the link below to
re-validate your email account.



hxxp://xxxxxxxxxx.jimdo.com/



Thanks,

Helpdesk - University of Minnesota - (OIT)


Things to note:


  • Better than average branding attempt
  • Uses UMN logo
  • HOSTED AT JIMDO.COM(!)




Thursday, October 15, 2015

Phishing Example 113: Your Application (poisoned attachment scam)

Received October 2015

HOUSTON
Methodist
WEST HOSPITAL


Thank you for your application. At Houston Methodist, we are proud of the talented, knowledgeable and dedicated employees who have helped build our tradition of excellence in health care.
Complete the application form attached. Job description and requirements for the position can be viewed on our website or from Google drive.

hxxps://drive.google.com/open?id=xxxxxxxxxxxxxxxxxx

Regards.
Xxxxxxx Xxxxxxxx
423-###-###
Houston Methodist



    BE AWARE!
This email links to an innocuous-looking Google Drive (below), with an application form and an "application requirements" file. The requirements file is actually a poisoned .scr file that, on a Windows system, could install trojan software.

Anyone who opened the Application file should contact their tech support for assistance in determining whether they have been compromised.

Monday, October 12, 2015

Phishing Example 112 (multiple) Pdf ready / Attached review / urgent attachment / Column Page

Received October 2015

  • Multiple subjects sent from compromised UMN accounts - all messages identical
  • Address NOT Google, but a Canadian address


From:
Date: Oct 12, 2015 8:10 AM
Subject: Pdf ready
To:
Cc:

Please kindly find the last page of paper work Uploaded using Google drive
<hxxx//xxxxx.xx.ca/floxy/trophy/auth/view/document> for your review,
please follow the instruction to make view attachment.

Regards


NOTE: Google logo is NOT current:

NOTE: This is NOT STANDARD GOOGLE DRIVE LOGIN
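
The host mismatch noted for Examples 114 and 112 (a "umn.edu" quota notice hosted at jimdo.com, a "Google drive" link at a Canadian address) can be checked mechanically. The following is an added example, not part of the original posts; the brand-to-domain table and the function names are assumptions, and the sample bodies are constructed from the messages quoted above.

```python
import re
from urllib.parse import urlsplit

# Assumption: domains that legitimately host each brand's sign-in pages.
BRAND_DOMAINS = {"umn.edu": {"umn.edu"}, "google drive": {"google.com"}}

# Accepts live and defanged schemes: http://, hxxp://, hxxps://, hxxx//
URL_RE = re.compile(r"\bh(?:tt|xx)[px]s?:?//[^\s<>\"']+", re.I)
SCHEME_RE = re.compile(r"^h(?:tt|xx)[px](s?):?//", re.I)

def refang(url):
    """Turn a defanged scheme back into http:// or https:// for parsing only."""
    return SCHEME_RE.sub(lambda m: "http" + m.group(1).lower() + "://", url)

def host_in_domain(host, domain):
    # Exact match or true subdomain; "umn.edu.example.net" does not count.
    return host == domain or host.endswith("." + domain)

def mismatched_links(body):
    """Return (host, claimed_brands) for links outside every claimed brand's domains."""
    text = body.lower()
    claimed = tuple(b for b in BRAND_DOMAINS if b in text)
    if not claimed:
        return []
    allowed = set().union(*(BRAND_DOMAINS[b] for b in claimed))
    findings = []
    for raw in URL_RE.findall(body):
        host = (urlsplit(refang(raw)).hostname or "").lower()
        if not any(host_in_domain(host, d) for d in allowed):
            findings.append((host, claimed))
    return findings

# Constructed samples, reduced from the messages quoted on this page (hosts as redacted there).
EX114 = "You have exceeded your (umn.edu) email quota\nhxxp://xxxxxxxxxx.jimdo.com/"
EX113 = "can be viewed on our website or from Google drive.\nhxxps://drive.google.com/open?id=xxxx"
EX112 = "Uploaded using Google drive\n<hxxx//xxxxx.xx.ca/floxy/trophy/auth/view/document>"

if __name__ == "__main__":
    for name, body in (("114", EX114), ("113", EX113), ("112", EX112)):
        print(name, mismatched_links(body))
```

Example 113 passes this check because its link points at a genuine Google Drive host; there the indicator is the .scr file type described above, so a host check needs to be paired with a file-type check on what the link delivers.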