Thursday, February 9, 2017

Example 186: fraudulent card charge

Fraudulent email complaint challenging a "credit card charge"; aims to deliver malware.

MESSAGE TEXT

From:
Date: Wed, Feb 8, 2017 at 9:20 AM
Subject: fraudulent card charge
To: name @ umn.edu

Who the XXXX are you and why is there a charge from umn.edu on my card?
Here you can view my statement , get back to me asap.
bofa_card_statement_name.doc
<hxxp:// www. xxxx .co.jp/api/get.php?id=xxx    >
Thank you
Tyler Holmes

NOTES

  • sent to multiple recipients
  • the email to "name@umn.edu" displays a link labelled bofa_card_statement_name.doc; the link actually attempts to download an infected Word document
  • payload now blocked on UMN network
  • IMPORTANT: anyone who downloaded and opened the document should contact their tech support to check their computer.
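
The mismatch noted above, where the link text names a .doc file while the URL requests get.php on an unrelated host, can be checked mechanically in an HTML message body. The Python below is an added example, not part of the original post; the sample HTML, its host names and the extension list are constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse
import posixpath

# Document types a lure commonly names in link text (assumed list).
DOC_EXTS = {".doc", ".docx", ".docm", ".xls", ".xlsm", ".rtf", ".pdf"}

class AnchorCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None      # None means "not inside an anchor"
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def _ext(name):
    return posixpath.splitext(name.lower())[1]

def mismatched_doc_links(html_body):
    """Return anchors whose text names a document that the URL path does not."""
    parser = AnchorCollector()
    parser.feed(html_body)
    parser.close()
    findings = []
    for href, text in parser.links:
        label_ext = _ext(text)
        url = urlparse(href)
        if label_ext in DOC_EXTS and _ext(url.path) != label_ext:
            findings.append({"label": text, "host": url.hostname, "path": url.path})
    return findings

# Constructed sample: the first link mimics this message, the second is consistent.
SAMPLE = ('<a href="http://lure.example/api/get.php?id=123">bofa_card_statement_name.doc</a>'
          '<a href="https://files.example.org/forms/w9.pdf">w9.pdf</a>')
```

A finding only indicates that the label and the target disagree; the listed host still has to be judged against the sender and the claimed document source.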
