The Office of Information Security has received reports of a phishing attempt targeting members of our institution. This particular phish involves telling the recipient they are owed an “outstanding payment,” then attaching an Excel spreadsheet with malicious software (malware) hidden in macros. The body of the email often provides the recipient with a ‘password’ for the invoice that is frequently something simple like ‘1234’. Below, you will find an example of one of these malicious emails.
If you receive an e-mail such as this or any other suspected phishing attempt, please do not click on any links or download any files from the e-mail. Simply forward the e-mail to firstname.lastname@example.org and delete the e-mail from your inbox.
If you have additional questions or concerns, please reach out to us at the Office of Information Security at email@example.com. We appreciate all that you do to keep our university secure.