Ongoing Phishing Campaign Targeting Faculty
The Information Security Office (ISO) would like to warn the campus community about a phishing campaign targeting faculty that takes the form of a Google sharing notice for a file named “Faculty Evaluation.docx”. While the sharing notice itself is a legitimate Google file sharing notice, the file being shared is malicious and comes from a non-UCR account.
In the sample examined by the ISO, the file was shared from the account 'firstname.lastname@example.org.' However, in the body of the sharing notice the malefactors included a message claiming that the file was shared by a real UCR faculty member. Always be suspicious of files shared from unknown sources.
In general, ITS advises all UCR students, faculty, and staff to be wary of email and to always think twice before clicking on links in email, opening documents attached to email, or responding to email.
This campaign shows that scammers will subvert legitimate tools to achieve their illicit aims. Always be on alert!
Please report any suspicious emails to email@example.com (see complete instructions a https://ucrsupport.service-now.com/ucr_portal?id=kb_article&sys_id=2af24d121b0b849026bd635bbc4bcba1).
For more cybersecurity tips, visit our website at its.ucr.edu/cybersmart.