Over the recent week, Cornell and other companies and organizations have been hit with several spearphishing attacks. As you might expect, Cornell is a constant target for nefarious attacks (as are most large institutions), however this one has hit a large number of "Cornell.edu" email accounts. And over the last 24 hours, we've been made aware of several other attacks as well.
What makes this attack particularly challenging, is that the Sender and Subject appear to be legitimate.
However, once the email is opened the content reads something like:
READ THIS MESSAGE (in a clickable banner)
Watch before: Thursday
If you clicked on the banner, you are taken to a page with a legitimate company logo - the one we looked at (safely) had the Xerox Logo with lines requesting our Xerox Login Name and Password.
IF YOU OPEN THIS EMAIL, DO NOT CLICK ON THE BANNER AND ABSOLUTELY DO NOT FILL IN ANY LOGIN OR PASSWORD INFORMATION!