Viruses, Malware and Phishing Alerts

Viruses, malware and phishing attempts

If you are in doubt about any email message or believe that you may have a virus or malware on your computer, contact the Technology HelpDesk at (309) 677-2964 for assistance.

Fraudulent Browser Popup Survey (8/5/15)

Please be aware that a fraudulent popup may appear in your browser that asks you to complete an anonymous survey about your experience at Bradley University. The popup will include your computer IP address and offer to present exclusive rewards to you. Please close the popup and do not click on the continue button.

Fraudulent Popup

Phishing Alert (6/30/15)

A phishing email is being circulated that states:

Dear Email User,
Your mailbox have exceed 3.5 MB set by the administrator, you will not be able to send or receive mail except you re-validates your account by clicking on VALIDATE YOUR ACCOUNT NOW and complete the required details and click on submit button.
Note: Failure to comply may result to lose of your Webmail account within 24 hours.
Thanks
Webmail System Administrator.

Do not click on the link included in the email. Please delete the email immediately.

Phishing Alert (6/25/15)

A phishing email is being distributed that claims "Your password will expire in two days time, kindly click on the SERVICE-HELPDESK to update your old password and automatically upgrade to the latest e-mail Outlook Web Apps 2015.
If the password is not updated today, your account will be suspended in less than 12 hours
NOTE: Your log in will time out after 60 minutes. Your responses will be lost if you do not click on the "secure" button before 60 minutes lapses. There is no prompt when your 60 minute session has expired. Please save extensive comments periodically and check your time.". The email includes a link to update your password. DO NOT CLICK ON THE LINK.

Phishing Alert (4/8/15)

A phishing attempt email is being distributed that claims "Some online databases have been hacked exposing many past criminal records and personal information. You may have recently been the victim of an unauthorized identity-report search on our website". The email includes a link to view and protect your records. DO NOT CLICK ON THE LINK. This email is in no way connected to the recent data breach on campus. Please delete the email immediately.

Phishing Alert (3/16/15)

There is a new phishing email that is being circulated that reads:
Dear E-mail User.
his Message is From Helpdesk. Due to our latest IP Security upgrades we have reason to believe that your webmail account was accessed by a third party. Protecting the security of your webmail account is our primary concern, we have limited access to sensitive webmail account features. Failure to revalidate, your e-mail will be blocked in 24 hours. To Confirm Your E-mail Account click on: SERVICEHELPDESK
Thank you for your cooperation.
System Help Desk Administrator

Do not click on the link included in the email. Please delete the email immediately.

Security updates available for Adobe Flash Player (1/22/15)

A new update is available for Adobe's Flash Player to fix a zero-day exploit that cybercriminals are using to install botnet and adware. Please update your browser's Flash Player Plugin by going to the Adobe Flash Player Download Center and install the new update.

FBI Payroll Phishing Scam Alert (1/16/15)

The Internet Crime Complaint Center (IC3) has issued an alert addressing a spear phishing scam targeting university employees and their payroll accounts. Scam operators use fraudulent e-mails and websites to entice employees to reveal login credentials.

Users are encouraged to review the IC3 Alert for details and refer to Security Tip ST04-014 for information on social engineering and phishing attacks.

https://www.us-cert.gov/ncas/current-activity/2015/01/15/IC3-Issues-Alert-University-Employee-Payroll-Scam

Student Aid Processing Phishing Email Alert (1/14/15)

A new phishing email claiming to be from Student Aid Processing is being distributed and reads:

Student Aid Deadline: 2014-15 School Year

Aid that does not have to be repaid is available to you. Grants are need-based and are available to different age groups. Please review your Eligibility packet below:

This is a reminder of the upcoming deadline.
Thank You.
EDU Aid/ Grant Distribution

Please do not click on any enclosed links and delete the email immediately.

Peoria Police Dept. Phone Scam (1/6/15)

A student received a phone call with a caller ID spoofed to make it look like the call originated at the Peoria Police Department. The caller claimed that the University lodged a complaint against the student regarding back taxes and that the student should withdraw money at Kroger to pay them.

IRS recommended ways to protect yourself: http://www.irs.gov/uac/Five-Easy-Ways-to-Spot-a-Scam-Phone-Call

Phishing Alert (1/5/15)

There is a new phishing email that is being circulated that reads:
Dear Email User,
Your password Will Expire In The Next TWO {2} Days Current Faculty and Staff Should Please Log On To IT WEBSITE To Validate Your E-mail Address And Password,Or Your E-mail Address Will Be Deactivated. Thank You.
ITS help desk
ADMIN TEAM

©Copyright 2014 Microsoft
All Right Reserved.

Please delete the email immediately and do not click on the link within the email.

Attempted Wire Fraud via Email (1/5/15)

There have been numerous reports of fraudsters sending payment initiation requests or requests to update payment instructions from email accounts that appear to be from inside a clients' organization or from a known external partner. The fraudulent "from" email address is typically a slight variation on the legitimate email address, which can trick the recipient into believing the fraudulent communication is legitimate.

Important reminders:
Be suspicious of requests purporting to be from a person of authority at your organization (such as the CEO, CFO, Treasurer, etc.), or requests to initiate "emergency" payments, make urgent changes to payment instructions, or bypass your established approval procedures. Fraudsters will often create a sense of urgency to get you to act quickly or to avoid you questioning the request.

Confirm verbally with the requestor or another trusted party any requests for changes to payment instructions or any usual payment requests. Confirmations should be either in-person or by telephone: do not attempt to confirm the instructions via email.

HelpDesk Email Phishing Alert (9/8/14)

An email phishing attempt is being circulated. The email is made to look like a shared Google document and states:
“Please view the document I uploaded for you using Google docs. just sign in with your email to view the document its very important.” (Note: The poor punctuation is a typical sign of a phishing email)

DO NOT CLICK ON THE LINK OR GIVE OUT YOUR BRADLEY EMAIL CREDENTIALS!

Russian Hackers have stolen 1.2 Billion Usernames and Passwords (8/6/14)

Russian hackers have successfully stolen over 1.2 billion usernames and passwords from websites around the world. We strongly encourage you to change your passwords to all the sites that you visit. To help protect yourself and your information, we recommend using complex passwords and a unique password for each site.

For more information, please see the following article:

http://www.nydailynews.com/news/world/russian-hackers-stole-1-2-billion-passwords-safe-article-1.1893695

Google Docs Phishing Attempt Warning (5/29/14)

Phishing emails are circulating with the Subject: View the Attached Document. The email states that “You have new document Attached to view from Google docs”. The emails are originating from compromised Bradley accounts. If you are not expecting an email about a Google doc file from the sender, DO NOT CLICK ON THE LINK. If you receive a suspicious email please forward it to helpdesk@bradley.edu.

Bradley Email Phishing Attempt

A fake email phishing scam is being circulated that claims the you have exceeded your web bandwidth limit. It falsely claims that it was sent by Bradley. The email asks you to review the email and click a link to automatically renew your bandwidth. DO NOT CLICK ON THE LINK. Please delete the email immediately.

Help Desk Email Phishing Attempt

A new email phishing attempt is being circulated claiming to be from the Administrator of the Bradley HelpDesk. The email claims that the HelpDesk is sending an email out to all account users for an upgrade and will deactivate all inactive accounts. Do not click on the link included in the email. Please delete the email immediately.

Bradley Signin Phishing Email Alert

A fake phishing email is circulating that asks the user to click a link to re-validate the user's email and scan for viruses. The email claims to be from Bradley Signin Service Management Support. DO NOT CLICK ON THE LINK OR ENTER ANY INFORMATION ON THE LINK'S DESTINATION. Delete the email immediately.

Bravesites.com Email Phishing Alert

A phishing email being circulated that has the Subject: Upgrade Email Now! and claims to be from bravesites.com. If you receive this email, delete it and DO NOT CLICK ON ANY LINK ENCLOSED.

MyBU PHISHING WARNING

There is a phishing email being circulated that claims to be sent from the MyBU IT Helpdesk. This email is a FAKE and DO NOT CLICK ON THE LINK in the email. The email has this subject title: Subject: Your Incident ID is: 130329-018715. The email claims that someone from Stockholm, Sweden has attempted to login to your account using an unrecognized device and asks you to follow a link.

PC CryptoLocker Malware Alert

There is a new malware email that says it’s from Intuit (creators of Quickbooks software) that includes an attached zip file. Once the zip file is clicked on, it installs an executable file that will then encrypt the user’s data on their hard drive, networked drives and external drives attached to the computer. The user will then get a CryptoLocker prompt (see image below) that say they have to pay $300 USD to get a key to unlock the data. If the money is not paid by a specific time, the data is then destroyed and will not be recoverable. If you receive this email, DO NOT OPEN THE ATTACHED ZIP FILE.

CryptoLocker Prompt

If you have any other questions, please contact the HelpDesk at (309) 677-2964 or visit us in the Cullom-Davis Library.

WARNING: New "Beta Bot" Malware

A new malware threat has emerged that is being called "Beta Bot". This malware is disguising itself as a "User Account Control" Windows update pop-up box. DO NOT CLICK YES TO INSTALL!

Beta Bot Malware

Once the user clicks "yes" to install it, the malware will disable your antivirus and stop web access to the vendor so the definitions can not be updated. It will then steal your user name and passwords for financial institutions, social networks, e-commerce sites and more.