Another phish reported. Links to a weebly site imitating a O365 login page. From: DEBORAH CARR-SANCHEZ <DEBORAH.CARR@donnaisd.net> To: Microsoft Viva <viva-noreply@microsoft.com> Subject: Re: Mandatory Date: 2022-04-11 12:05PM Mandatory notice. You are requested to verify your email to migrate to the latest upgraded service 2022 to avoid deactivation of your email in the next 24-hours. To… Continue Reading
Security Notices
Phish/Scam – Job Opening
There have been a few different reports of similar student job opening scams over the past few weeks. Please mark these messages as spam or phishing and do not reply to the attackers. From: CAMPUS JOBS <joseburgos8290@gmail.com> Date: Fri, 4 Mar 2022 07:23:32 +0100 Subject: Job Opening To: undisclosed-recipients:; The service of a student administrative… Continue Reading
Phish – reached the storage limit
New phish reported – Links to a wixsite.com website trying to steal credentials. Dear user, You have reached the storage limit for your emails and you cannot receive new messages until you increase your storage limit. Click here to increase your office365 Thank you Administrative team Continue Reading
Phish – Available cellphone number?
A number of these similar phishing messages reported lately. Usually from gmail addresses. From: XXXX <jpattonvogt@gmail.com> Date: Sun, Feb 20, 2022 at 11:50 AM Subject: To: <XXXX> Available cellphone number?– Continue Reading
PHISH – Invoice_US_CMR_LRB_10295419121_2021-12-13.pdf
Recently an email was sent out that contains a malicious PDF. If you receive this email do not click the link embedded in the PDF or download it. Notify phish@tcnj.edu and delete the email. Thank you. Continue Reading
PHISH – MsDocs 893826 / New Scanned Docs from MX-M253N
This is a phishing email, the embedded link does not go to a SharePoint site or contain any documents. Do not click on any links and delete this email. Thank you. Continue Reading
Phish – Subject: Confirm Ownership for ***@tcnj.edu
Phishing email which will take you to a Mail Center landing page and attempt to harvest your credentials. Do not enter any information or click any links in this email. Continue Reading
Exploit – CVE-2021-40444 – MSHTML RCE Vulnerbility via malicious Microsoft Office documents
This week Microsoft reported that they are seeing this vulnerability being actively exploited in the wild. The attacker crafts a Microsoft Office document which contains a malicious ActiveX control, that once installed, grants the attacker the same rights as the user who opened the document. This can allow the attacker to run code, install and… Continue Reading
Phish – Subject: Document shared with you: “DC.docx”
Another Google Drive Shared File Phish Reported lmack7010@gmail.com shared a document Unknown profile photo lmack7010@gmail.com has shared the following document: XXXXXXXX DC.docx Continue Reading
Phish – Subject: I shared a Doc via Dropbox with you
New phish reported that looks like a Dropbox email. It links to an external site the attempts to capture credentials. Continue Reading