Skip to Main

Dual-Purpose Phish

 

close up of fingers typing on laptop keyboard with superimposed envelope graphic

Cyber experts have identified a dual-purpose phishing attack that attempts to harvest user credentials and deliver malware. The attacks claim to be from the recipient’s IT support detailing allegedly blocked inbound messages for the recipient. The lure contains numerous malicious links leading to either a credential harvesting page or the installation of a malicious .zip file.

  • Be wary of emails that have an “External Mail” header but contain a message that appears to be internal.
  • Examine message content for inconsistencies.
  • Hover over all email URL links to view the true website domain.
  • Report suspected phishing emails using the “Report Phish” button in Outlook.

If you suspect malware or that your password has been compromised, immediately contact the ServiceDesk at 214-648-7600 to report it.

View More Updates

Questions about Information Security?

Office of Information Security
214-648-7600

informationsecurity@UTSouthwestern.edu

Back-to top