Recent Local Spearphishing Attacks

Over the recent week, Cornell and other companies and organizations have been hit with several spearphishing attacks. As you might expect, Cornell is a constant target for nefarious attacks (as are most large institutions), however this one has hit a large number of "Cornell.edu" email accounts. And over the last 24 hours, we've been made aware of several other attacks as well.

What makes this attack particularly challenging, is that the Sender and Subject appear to be legitimate.

However, once the email is opened the content reads something like: 

READ THIS MESSAGE (in a clickable banner)

05:59:47 (Cornell)
Re: "Subject"
Watch before: Thursday

If you clicked on the banner, you are taken to a page with a legitimate company logo - the one we looked at (safely) had the Xerox Logo with lines requesting our Xerox Login Name and Password.

IF YOU OPEN THIS EMAIL, DO NOT CLICK ON THE BANNER AND ABSOLUTELY DO NOT FILL IN ANY LOGIN OR PASSWORD INFORMATION!

[More]

TweetBacks
Comments (Comment Moderation is enabled. Your comment will not appear until approved.)
Comments are not allowed for this entry.