Go to the U of M home page

Thursday, May 24, 2018

Advisory: FBI Releases Article on Building a Digital Defense with Credit Reports

Summary: FBI has released an article on using credit reports to build a digital defense against identify theft.


FBI has released an article on using credit reports to build a digital defense against identify theft. FBI explains how identity theft can deal a devastating blow to consumers' credit history. However, regularly checking the accuracy of credit reports can help consumers minimize risk.
NCCIC encourages consumers to review the FBI Article and NCCIC's Tip on Preventing and Responding to Identity Theft.



Tuesday, May 22, 2018

Advisory: Tragedy-Related Scams

Summary: In the wake of the recent Texas school shooting, NCCIC advises users to watch out for possible malicious cyber activity 


In the wake of the recent Texas school shooting, NCCIC advises users to watch out for possible malicious cyber activity seeking to capitalize on this tragic event. Users should exercise caution in handling emails related to the shooting, even if they appear to originate from trusted sources. Fraudulent emails often contain links or attachments that direct users to phishing or malware-infected websites. Emails requesting donations from duplicitous charitable organizations are also common after tragic events. Be wary of fraudulent social media pleas, calls, texts, donation websites, and door-to-door solicitations relating to the event.
To avoid becoming a victim of fraudulent activity, NCCIC encourages users and administrators to review NCCIC's Tips on Using Caution With Email Attachments and Avoiding Social Engineering and Phishing Attacks as well as the Federal Trade Commission's article on Before Giving to a Charity.


Thursday, May 3, 2018

Example 219: XXX, Secure Your Email Communication. Now!

Forged (personalized) letter providing link to malicious software.

Message text:

From: UMN Security <umnalert@ xxxx .win>
Date: Thu, May 3, 2018 at 7:22 AM
Subject: XXX, Secure Your Email Communication. Now!
To: xxx  < xxxxx@umn.edu>

Hello Xxx,
As a result of the rising cyber security threat, it has become necessary
that the entire staff and students of this institution download and install
the new Microsoft Email Security Software, *WinMail Defender* in order to 
further protect all our email communications.
*WinMail Defender* is an email security software that adds an extra layer
of security to your email communications. It provides end-to-end email 
encryption, there by making it a lot more difficult for third parties and
other unauthorised parties to access your email communications.
Regards,
Bernard Gulachek
Vice President and Chief Information Officer,
Regents of the University of Minnesota.

Linked Form

   Email contains a tinyurl.com link which redirects to this page:
webform hosting malicious software ink
webform hosting malicious software ink
Things to Note:
  • Email comes from NON @umn.edu address
  • Email subject and letter address recipient by first name
  • Email link goes to a tinyurl.com (not UMN.EDU) link
  • Link redirect to a site123.com page - site123.com is a free website provider
  • Link on form will download malicious software
  • IMPORTANT: 
  • If you downloaded and ran this software, contact your tech support immediately to address possible system compromise.