UPDATE:
The malicious attachment in this phishing campaign has been determined to be ransomware. The message appears to come from different copier@*.gatech.edu addresses. Upon opening the attached .docm file, the ransomware in question encrypts files on local, fixed and removable, and network filesystems. If you received a message like this and opened the document, shut down your system and contact the TSO Help Desk immediately.
WHAT'S HAPPENING?
WHAT'S HAPPENING?
There are emails that are being circulated, an example of which is below, that include suspicious links. These are not legitimate emails.
WHAT DO YOU NEED TO DO?
If you receive an email like this, do not click on the link. If a phishing or spam email makes its way into your inbox, please forward it according to the directions at
http://support.cc.gatech.edu/support-tools/faq/what-should-i-do-when-i-receive-spam-or-phishing-email to improve the accuracy of GT's filters.
WHAT'S HAPPENING?
There are emails that are being circulated, an example of which is below, that include suspicious links. These are not legitimate emails.
WHAT DO YOU NEED TO DO?
If you receive an email like this, do not click on the link. If a phishing or spam email makes its way into your inbox, please forward it according to the directions at
http://support.cc.gatech.edu/support-tools/faq/what-should-i-do-when-i-receive-spam-or-phishing-email to improve the accuracy of GT's filters.
WHAT HAPPENED?
There have been reports that credentials for remote access software TeamViewer may have been compromised.
WHEN DID IT HAPPEN?
Beginning Wednesday, June 1, 2016, and ongoing.
WHY DID IT HAPPEN?
WHAT HAPPENED?
A CoC computer was compromised and encrypted by the Locky ransomware virus.
WHEN DID IT HAPPEN?
It was discovered Thursday, April 28, 2016, at 8:30 AM.
WHY DID IT HAPPEN?
An un-requested email with an attached Word document was opened, which started the attack. The email associated with this virus typically contains the following subject line: ATTN: Invoice_J-<8 digit string>
WHAT DO YOU NEED TO DO?
WHAT'S HAPPENING?
Some CoC faculty and staff Windows users are receiving popups advising that their Malwarebytes Anti-Malware license is expiring.
WHEN IS IT HAPPENING?
Currently ongoing.
WHY IS IT HAPPENING?
OIT initially licensed Malwarebytes Premium for limited campus use. They are now licensed under an Enterprise agreement, and the old Premium licenses are beginning to expire.
WHO IS AFFECTED?
WHAT'S HAPPENING?
There are emails that are being circulated, an example of which is below, that include suspicious links. These are not legitimate emails.
WHAT DO YOU NEED TO DO?
If you receive an email like this, do not click on the link. If a phishing or spam email makes its way into your inbox, please forward it according to the directions at
http://support.cc.gatech.edu/support-tools/faq/what-should-i-do-when-i-receive-spam-or-phishing-email to improve the accuracy of GT's filters.