Go to the U of M home page

Thursday, May 3, 2018

Example 219: XXX, Secure Your Email Communication. Now!

Forged (personalized) letter providing link to malicious software.

Message text:

From: UMN Security <umnalert@ xxxx .win>
Date: Thu, May 3, 2018 at 7:22 AM
Subject: XXX, Secure Your Email Communication. Now!
To: xxx  < xxxxx@umn.edu>

Hello Xxx,
As a result of the rising cyber security threat, it has become necessary
that the entire staff and students of this institution download and install
the new Microsoft Email Security Software, *WinMail Defender* in order to 
further protect all our email communications.
*WinMail Defender* is an email security software that adds an extra layer
of security to your email communications. It provides end-to-end email 
encryption, there by making it a lot more difficult for third parties and
other unauthorised parties to access your email communications.
Regards,
Bernard Gulachek
Vice President and Chief Information Officer,
Regents of the University of Minnesota.

Linked Form

   Email contains a tinyurl.com link which redirects to this page:
webform hosting malicious software ink
webform hosting malicious software ink
Things to Note:
  • Email comes from NON @umn.edu address
  • Email subject and letter address recipient by first name
  • Email link goes to a tinyurl.com (not UMN.EDU) link
  • Link redirect to a site123.com page - site123.com is a free website provider
  • Link on form will download malicious software
  • IMPORTANT: 
  • If you downloaded and ran this software, contact your tech support immediately to address possible system compromise. 

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.