[Plantsci] Heavy phishing traffic since yesterday

Marquez, Mario A - (marquezm) marquezm at email.arizona.edu
Thu Apr 14 10:42:44 MST 2016 

Good morning,

We have experienced heavy phishing traffic since yesterday afternoon, and have had reports that some employees have responded to the phishing emails.  We continue to have phishing reports, but are now seeing subject lines change, and the emails appear to come from UA email addresses, although they are being sent from India and other locations.

The phishing emails in question can be found on our phishing alerts page, hxxp://security.arizona.edu/phishing-alerts (copy and paste the URL into your browser, and replace “hxxp” with “http”).

If you receive any of these emails, please delete them from your inbox.  If you responded to these emails in any way (e.g., clicking a link and entering your username and password), please contact your IT Support or the 24/7 IT Support Center (520-626-8324) as soon as possible.  If you have additional questions, please don’t hesitate to contact UA Information Security at infosec at email.arizona.edu<mailto:infosec at email.arizona.edu>.

Thank you.

Sincerely,
Teresa E. Banks
Manager, Information Security
   & Compliance Programs
UA Information Security
The University of Arizona

Email:  tbanks at email.arizona.edu<mailto:tbanks at email.arizona.edu>
Office:  520.621.8476
Cell:  520.909.6057
Web:  http://security.arizona.edu<http://security.arizona.edu/>

4/13/16 IT Security immediately
UA Information Security received a phishing email report, where recipients are directed to click on a link and update their passwords.

If you receive this email, please delete it from your inbox.  If you clicked on the link or provided any information, please contact your local IT Support or the 24/7 IT Support Center (626-8324) as soon as possible.

Email text:
_____________________________
From: Wilson, Stephanie <EMAIL ADDRESS REMOVED>
Sent: Wednesday, April 13, 2016 04:56
Subject: IT Security immediately


IT Security

Password will expire please contact your help desk. by Click Here <URL REMOVED>

IT Security immediately
________________________________________
The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, transmission, re-transmission, dissemination or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer.


4/13/16 Admin Desk Ticket - # HD79035187 Account Validation‏
UA Information Security received a phishing email report, where recipients are directed to click on a link to validate incoming emails.
Email Text:
From: do-not-reply <EMAIL ADDRESS REMOVED>
Cc:
Date: Wed, 13 Apr 2016 18:49:31 +0000
Subject: Admin Desk Ticket - # HD79035187 Account Validation‏
Dear User,

We have placed a temporal hold on two incoming mails for your account


due to insufficient validation。

CONTINUE<URL REMOVED>

一System Admin。

2016



Mario A. Marquez
Systems Administrator Principal
University of Arizona
College of Agriculture and Life Sciences
School of  Plant Sciences
http://www.plssupport.arizona.edu/
marquezm at email.arizona.edu<mailto:marquezm at email.arizona.edu>
Office 520-621-1257
Cell 520-429-2902
[UAriz-CALS-logo-247]

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://list.cals.arizona.edu/pipermail/plantsci/attachments/20160414/5c4817ea/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.gif
Type: image/gif
Size: 4528 bytes
Desc: image001.gif
URL: <https://list.cals.arizona.edu/pipermail/plantsci/attachments/20160414/5c4817ea/attachment.gif>

More information about the Plantsci mailing list