coe-staff: Malware in RTF and ZIP attachments

[Jeff Woodbury]

All,

I am forwarding a message from the Departmental Computing list. The UO saw a number of emails coming from off campus containing malicious file attachments.

Please be cautious when you see emails that come unexpectedly with attachments or web links asking you to take action.

If you have any suspicions at all about the nature of the email, please forward them to coeit at uoregon.edu. We will do our best to evaluate the risk and get back you on the email's status.

Information Services also has two email addresses where you can notify the security group of a computer security issue or of a phishing attempt: security at uoregon.edu and phishing at uoregon.edu.

We work closely with the IS security group to prevent or resolve security issues.

Sincerely,

Jeffrey Woodbury, PhD
Director of Technology, College of Education
University of Oregon
jeffreyw at uoregon.edu


________________________________
From: deptcomp-bounces at lists.uoregon.edu [deptcomp-bounces at lists.uoregon.edu] on behalf of Technology Service Desk [techdesk at uoregon.edu]
Sent: Thursday, March 17, 2016 5:10 PM
To: Departmental Computing
Subject: deptcomp: Malware in RTF and ZIP attachments

Yesterday and today, many people at UO have received email messages with attachments containing malware.

The malware has come in a couple of different file types. Yesterday, Information Services staff were seeing ZIP files, and today it's been RTFs.

When someone opens one of these attachments, it installs malware on their computer that will then steal information -- a risk for both personal information and university data.

If anyone has opened the file, they should email security at ithelp.uoregon.edu<mailto:security at ithelp.uoregon.edu> immediately.

Today's messages often referred to an invoice that was due or past due.

Sample subject lines:

  *   "Invoice HXINV73862 from Tip Top Delivery"
  *   "Urgent: IMAGINiT invoice CNINV84614 is Past due"

Sample attachment filenames:

  *   "CNINV8461.rtf"
  *   "Invoice_BDINV78302_from_tip_top_delivery.rtf"

IS staff actively take steps to reduce the number of risky messages delivered to people at UO. However, malicious campaigns like this are a moving target. That's why students, faculty, and staff should always be on the alert for any email with malicious intent. Never click suspicious links or open attachments that you aren't expecting.

If you have any questions, please contact the Technology Service Desk (techdesk at uoregon.edu<mailto:techdesk at uoregon.edu>; 541-346-4357).

UO Technology Service Desk
Information Services
541-346-HELP
techdesk at uoregon.edu<mailto:techdesk at uoregon.edu>
facebook.com/UOTechDesk<https://www.facebook.com/UOTechDesk> | twitter.com/UOTechDesk<https://twitter.com/UOTechDesk>


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists-prod.uoregon.edu/pipermail/coe-staff/attachments/20160318/3c15f28b/attachment.html>