Monthly Archives: March 2017

Malicious email roundup

There have been a lot of malicious emails lately, so I wanted to give you a quick update on what is real and what is fake.

Real
1. Email from UW Office of Research titled “Your Action is Needed! Significant Financial Interest (SFI) Annual Update Required in 14 Days.” It sounds spammy but I have confirmed with the Office of Research that it is legit.
2. UW TAP survey- also confirmed real

Fake Fake Fake
1. “Email Account Closure” notice for Office365 users
2. “Urgent Review” with attached malware-infected PDF
3. “Update Required” phishing attempt to get tax info (says it’s from HR/Payroll)
4. “Beware of phishing emails” with details about supposed UW acct maint and threats to suspend acct
5. “UW Notification”- name-drops both UW and Office365, again threatening to suspend acct
6. Emails claiming you bought a shockingly expensive item- phishing scam targeting your credit card or bank info
7. FedEx delivery scam with attached malware-infected PDF
8. “Meeting notification” phishing scam targeting UW NetID
9. Our old favorite, USAA bank phishing scam
10. And the weirdest one I’ve seen yet- “Notice of Unsatisfied Photo Enforcement Ticket” supposedly from DMV, featuring such convoluted language as might appear in a real government notice.

I could go on and on, but you get the point- fake emails greatly outweigh legitimate ones. If something sounds fishy (or phishy), it’s because it is. Trust your judgment but ask if you’re unsure.

Stay safe!