Go to the U of M home page

Monday, May 9, 2016

Phishing Example 144: Xxxxx Yyyyyy sent you a document....

Received May 2016

From:
Date: May 8, 2016 9:24 AM
Subject: Xxxxx Yyyyyy sent you a document....
To:
Cc:

Xxxxxx Yyyyyy  has invited you to *view* the following shared documents.

A very common sender is one UMN user who was compromised (other compromised accounts have even sent this mail "as" that user)  but we have seen "from" other false names as well.

Open <hxxp : / /  bit.ly/xxxxxxxxxxx>




NOTES:

  • May come "from" a real colleague (whose email account was compromised)
  • "Shared Document" is linked using a URL shortener like bit.ly
  • Link pulls a javascript file from dropbox to display a web page. but examination of the address bar DOES NOT show a conventional URL, instead you'll see something starting with "data:text"
Posted by at

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Subscribe to: Post Comments (Atom)

© Regents of the University of Minnesota. All rights reserved. Equal opportunity educator and employer.