Viruses, malware and phishing alerts

Phishing Alert (3/16/15)

There is a new phishing email that is being circulated that reads:
Dear E-mail User.
his Message is From Helpdesk. Due to our latest IP Security upgrades we have reason to believe that your webmail account was accessed by a third party. Protecting the security of your webmail account is our primary concern, we have limited access to sensitive webmail account features. Failure to revalidate, your e-mail will be blocked in 24 hours. To Confirm Your E-mail Account click on: SERVICEHELPDESK
Thank you for your cooperation.
System Help Desk Administrator

Do not click on the link included in the email. Please delete the email immediately.

Security updates available for Adobe Flash Player (1/22/15)

A new update is available for Adobe's Flash Player to fix a zero-day exploit that cybercriminals are using to install botnet and adware. Please update your browser's Flash Player Plugin by going to the Adobe Flash Player Download Center and install the new update.

FBI Payroll Phishing Scam Alert (1/16/15)

The Internet Crime Complaint Center (IC3) has issued an alert addressing a spear phishing scam targeting university employees and their payroll accounts. Scam operators use fraudulent e-mails and websites to entice employees to reveal login credentials.

Users are encouraged to review the IC3 Alert for details and refer to Security Tip ST04-014 for information on social engineering and phishing attacks.

Student Aid Processing Phishing Email Alert (1/14/15)

A new phishing email claiming to be from Student Aid Processing is being distributed and reads:

Student Aid Deadline: 2014-15 School Year

Aid that does not have to be repaid is available to you. Grants are need-based and are available to different age groups. Please review your Eligibility packet below:

This is a reminder of the upcoming deadline.
Thank You.
EDU Aid/ Grant Distribution

Please do not click on any enclosed links and delete the email immediately.

Peoria Police Dept. Phone Scam (1/6/15)

A student received a phone call with a caller ID spoofed to make it look like the call originated at the Peoria Police Department. The caller claimed that the University lodged a complaint against the student regarding back taxes and that the student should withdraw money at Kroger to pay them.

IRS recommended ways to protect yourself:

Phishing Alert (1/5/15)

There is a new phishing email that is being circulated that reads:
Dear Email User,
Your password Will Expire In The Next TWO {2} Days Current Faculty and Staff Should Please Log On To IT WEBSITE To Validate Your E-mail Address And Password,Or Your E-mail Address Will Be Deactivated. Thank You.
ITS help desk

©Copyright 2014 Microsoft
All Right Reserved.

Please delete the email immediately and do not click on the link within the email.

Attempted Wire Fraud via Email (1/5/15)

There have been numerous reports of fraudsters sending payment initiation requests or requests to update payment instructions from email accounts that appear to be from inside a clients' organization or from a known external partner. The fraudulent "from" email address is typically a slight variation on the legitimate email address, which can trick the recipient into believing the fraudulent communication is legitimate.

Important reminders:
Be suspicious of requests purporting to be from a person of authority at your organization (such as the CEO, CFO, Treasurer, etc.), or requests to initiate "emergency" payments, make urgent changes to payment instructions, or bypass your established approval procedures. Fraudsters will often create a sense of urgency to get you to act quickly or to avoid you questioning the request.

Confirm verbally with the requestor or another trusted party any requests for changes to payment instructions or any usual payment requests. Confirmations should be either in-person or by telephone: do not attempt to confirm the instructions via email.

HelpDesk Email Phishing Alert (9/8/14)

An email phishing attempt is being circulated. The email is made to look like a shared Google document and states:
“Please view the document I uploaded for you using Google docs. just sign in with your email to view the document its very important.” (Note: The poor punctuation is a typical sign of a phishing email)


Russian Hackers have stolen 1.2 Billion Usernames and Passwords (8/6/14)

Russian hackers have successfully stolen over 1.2 billion usernames and passwords from websites around the world. We strongly encourage you to change your passwords to all the sites that you visit. To help protect yourself and your information, we recommend using complex passwords and a unique password for each site.

For more information, please see the following article:

Google Docs Phishing Attempt Warning (5/29/14)

Phishing emails are circulating with the Subject: View the Attached Document. The email states that “You have new document Attached to view from Google docs”. The emails are originating from compromised Bradley accounts. If you are not expecting an email about a Google doc file from the sender, DO NOT CLICK ON THE LINK. If you receive a suspicious email please forward it to

Bradley Email Phishing Attempt

A fake email phishing scam is being circulated that claims the you have exceeded your web bandwidth limit. It falsely claims that it was sent by Bradley. The email asks you to review the email and click a link to automatically renew your bandwidth. DO NOT CLICK ON THE LINK. Please delete the email immediately.

Help Desk Email Phishing Attempt

A new email phishing attempt is being circulated claiming to be from the Administrator of the Bradley HelpDesk. The email claims that the HelpDesk is sending an email out to all account users for an upgrade and will deactivate all inactive accounts. Do not click on the link included in the email. Please delete the email immediately.

Bradley Signin Phishing Email Alert

A fake phishing email is circulating that asks the user to click a link to re-validate the user's email and scan for viruses. The email claims to be from Bradley Signin Service Management Support. DO NOT CLICK ON THE LINK OR ENTER ANY INFORMATION ON THE LINK'S DESTINATION. Delete the email immediately. Email Phishing Alert

A phishing email being circulated that has the Subject: Upgrade Email Now! and claims to be from If you receive this email, delete it and DO NOT CLICK ON ANY LINK ENCLOSED.


There is a phishing email being circulated that claims to be sent from the MyBU IT Helpdesk. This email is a FAKE and DO NOT CLICK ON THE LINK in the email. The email has this subject title: Subject: Your Incident ID is: 130329-018715. The email claims that someone from Stockholm, Sweden has attempted to login to your account using an unrecognized device and asks you to follow a link.

PC CryptoLocker Malware Alert

There is a new malware email that says it’s from Intuit (creators of Quickbooks software) that includes an attached zip file. Once the zip file is clicked on, it installs an executable file that will then encrypt the user’s data on their hard drive, networked drives and external drives attached to the computer. The user will then get a CryptoLocker prompt (see image below) that say they have to pay $300 USD to get a key to unlock the data. If the money is not paid by a specific time, the data is then destroyed and will not be recoverable. If you receive this email, DO NOT OPEN THE ATTACHED ZIP FILE.

CryptoLocker Prompt

If you have any other questions, please contact the HelpDesk at (309) 677-2964 or visit us in the Cullom-Davis Library.

WARNING: New "Beta Bot" Malware

A new malware threat has emerged that is being called "Beta Bot". This malware is disguising itself as a "User Account Control" Windows update pop-up box. DO NOT CLICK YES TO INSTALL!

Beta Bot Malware

Once the user clicks "yes" to install it, the malware will disable your antivirus and stop web access to the vendor so the definitions can not be updated. It will then steal your user name and passwords for financial institutions, social networks, e-commerce sites and more.

Viruses, malware and phishing attempts

If you are in doubt about any email message or believe that you may have a virus or malware on your computer, contact the Technology HelpDesk at (309) 677-2964 for assistance.