Warning: spear-phishing campaign targeting IS MU login credentials
The Cybersecurity Team of Masaryk University warns of an ongoing spear-phishing campaign aimed at stealing login credentials for the Masaryk University Information System.
Warning: Masaryk University users targeted by malware
In recent days, Masaryk University's cybersecurity team has seen a new sample of malware targeted at Masaryk University users.
What’s the threat about?
The Cybersecurity Team of Masaryk University would like to inform you about an increased risk of being targeted by phishing e-mails. These e-mails contain a suspicious link to download an unknown file. Note that the presence of the download link in the e-mail is not explained in any way. By downloading this file, the user infects the device with very sophisticated malware.
Attackers proceed as follows: gain access to the e-mail address - find a trusted conversation in the inbox - send e-mails with a link to download an unknown file that contains malware. You can see an example in the red box in the picture below.
This current threat is a textbook case of what the average user encounters with a certain regularity. We, therefore, recommend the following digital habits:
- Don't click on links in e-mail messages.
- Never download files from unexpected e-mail attachments.
- Focus on just one activity at a time.
- Verify that the sender's name matches the e-mail address.
- If you receive a suspicious e-mail, please report it to the CSIRT-MU team.
In conclusion
In connection with the current situation, we would like to point out Cybercompass, our course about the fundamentals of information security for users. Especially its online lesson on Self-defense.