Spear Phishing Targeting Financial Staff
Update
Archived
*Update*
In keeping with the Electronic Information Security Policy, this message has been removed from all mailboxes affected using an automated feature in Office 365. If you received this message and responded to it or if you have any questions please contact the IT Support Center at x36666.
--------------------------------------------------------------
Previous Description (2017-05-17 15:35:59):
Please forward this notification to administrative and financial staff in your unit.
ITS has verified that a spear phishing email is making the rounds at Queen's. The From: name is "Daniel Woolf," but the email address shows that the email was sent from an external email account. The message identified the recipient by name and to date have targeted staff with financial responsibilities.
The email is socially engineered:
• to start a discussion by asking a question (Are you in today?)
• to build trust that you are conversing with the sender (in this case Daniel Woolf)
• and did have a sense of urgency (Need it sent today via express)
If this is a targeted campaign, we may see additional emails from varied addresses.
Please review our phishing website for assistance in identifying phishing attacks.
http://www.queensu.ca/its/security/education-awareness/phishing
Report all phishing email to abuse@queensu.ca
For further help contact the IT Support Centre.
In keeping with the Electronic Information Security Policy, this message has been removed from all mailboxes affected using an automated feature in Office 365. If you received this message and responded to it or if you have any questions please contact the IT Support Center at x36666.
--------------------------------------------------------------
Previous Description (2017-05-17 15:35:59):
Please forward this notification to administrative and financial staff in your unit.
ITS has verified that a spear phishing email is making the rounds at Queen's. The From: name is "Daniel Woolf," but the email address shows that the email was sent from an external email account. The message identified the recipient by name and to date have targeted staff with financial responsibilities.
The email is socially engineered:
• to start a discussion by asking a question (Are you in today?)
• to build trust that you are conversing with the sender (in this case Daniel Woolf)
• and did have a sense of urgency (Need it sent today via express)
If this is a targeted campaign, we may see additional emails from varied addresses.
Please review our phishing website for assistance in identifying phishing attacks.
http://www.queensu.ca/its/security/education-awareness/phishing
Report all phishing email to abuse@queensu.ca
For further help contact the IT Support Centre.
- Publish Date: May 17, 2017 16:16
- Channels:
-
IT Support Centre
- On Campus: ext. 36666
- Off Campus: 613.533.6666
- Online Help Form