This week’s scam is a reported attack on 100,000 company inboxes hit with a voice message phishing attempt targeting hundreds of companies in all industries, including IT, healthcare, finance and more. The subject line of the phish had a personalized message about missing a call and clicking a link to “sign in” to listen to the message.
The attackers were most likely after login data that would be an access point to more services with personally identifiable information or business details. Most phish that start this way are a multi-layer approach to gain access into an organization’s infrastructure.
What else have we seen reported to abuse@uthsc.edu? Here is a few examples.
- The classic “romance” scheme asking for more information as “they” would like to meet.
- Gift Card Scam is making another round – every couple of weeks a dean’s name is spoofed with a gmail.com email address. This one started by asking for “URGENT HELP”.
- Our own version of a voicemail scheme looked like is came from “UTHSC.edu Message System” when in fact in originated in Germany
- Summer work opportunity for students – mass email to everyone with the same last name
- Amazon spoofed – making someone believe they made a purchase to click on shipping details
Stay safe out there everyone. Any suspicious email can be forwarded to abuse@uthsc.edu for examination.