June 1 is the official start of the US Hurricane season. This is a good time for a reminder that bad actors will use any natural disaster or newsworthy event to try and scam you out of your personal information and money. If a tragedy occurs, and you want to help, ensure you work with a reputable organization in relief efforts. Don’t click on links in emails that tug at your heart. Research organizations before engaging with them and providing any of your information, especially banking information.
What has been reported to abuse@uthsc.edu this past week?
- MICROSOFT OFFICE – from a compromised account from another UT campus, this phish wants the recipient to click on a link and give away credentials (NetID and password).
- [Ext] RE: Quick One – this phish was sent to HR asking for help in changing a direct deposit so that someone’s salary would go to the bad actor’s bank account.
- [Ext] PAYROLL UPDATE – another phish targeting someone else’s direct deposit.
- [Ext] Your order is ready – this phish was poorly worded, as maybe English wasn’t their first language, advising that a printer was “paid for” and is being shipped – to an address not in Tennessee.
- [Ext] Fwd: Your auto renewed reckoning E-receipt for 2023, June 02 is enclosed – this phish is an autorenewal scam, advising the recipient they need to call a provided phone number to dispute the charge.
- FW: Password Reset Request – using Microsoft’s logo to attempt legitimacy, this phish attempts the recipient to click a link to give away their credentials.
Keep reporting suspicious emails to abuse@uthsc.edu for examination. If you wish to report an incident to the Office of Cybersecurity, use TechConnect.