IT Alerts
Wednesday, February 10, 2021 5:10 PM
Many users received additional phishing email, Tuesday, as described below.
Contact the Help Desk immediately if you provided your login credentials.
While investigating Wednesday’s phishing attack, the university’s incident team traced the start of the phishing campaign of Wednesday (2/10/21) to emails received on Tuesday (2/9/21) between 2pm and 7pm.Tuesday’s phishing email contained:
Subject: [V0ICEMAIL for you (From Registrar)]
Sent from: ‘REGISTRAR (astvoicexf_cmpa@comcast.net or schoolregistrar-edu@comcast.net or astvoicexf_cmpb@comcast.net).
The phishing email contained a link to directing users to log into a fake Office365 log-in page. This link is used to trick users into giving up their email (RUNet) credentials.We want to make sure that you did not provide any credentials via the malicious link. If you logged into the fake Office365 log-in page, you must change your RUNet passphrase immediately and let the Help Desk know ASAP by calling x8940 or email at helpdesk@rockefeller.edu.
Subject: [V0ICEMAIL for you (From Registrar)]
Sent from: ‘REGISTRAR (astvoicexf_cmpa@comcast.net or schoolregistrar-edu@comcast.net or astvoicexf_cmpb@comcast.net).
The phishing email contained a link to directing users to log into a fake Office365 log-in page. This link is used to trick users into giving up their email (RUNet) credentials.We want to make sure that you did not provide any credentials via the malicious link. If you logged into the fake Office365 log-in page, you must change your RUNet passphrase immediately and let the Help Desk know ASAP by calling x8940 or email at helpdesk@rockefeller.edu.
Wednesday, February 10, 2021 10:08 AM
Many users received a phishing email today from a Rockefeller e-mail address, as described below.
Contact the Help Desk immediately if you provided your login credentials.
The university’s incident team is currently investigating a targeted email phishing attack on our email system. Our records indicate that some users received an phishing email today, (2/10/21), just after 8am. We have contacted those individuals by email. The phishing email contained:
Subject: ‘[An Important Document Review], [I sent you a zoom call invitation}, [I sent you a document to review and sign] and other similar variants.
Sent from: ‘Alice Cho (acho@rockefeller.edu).
Depending on the phishing e-mail received, it either contained a malicious file to download or directed users to log into a fake Office365 log-in page. This link is used to trick users into giving up their email credentials.We want to make sure that you did not provide any credentials via the malicious link. If you logged into the fake Office365 log-in page, users must change their RUNet passphrase immediately and please let the Help Desk know ASAP.
Subject: ‘[An Important Document Review], [I sent you a zoom call invitation}, [I sent you a document to review and sign] and other similar variants.
Sent from: ‘Alice Cho (acho@rockefeller.edu).
Depending on the phishing e-mail received, it either contained a malicious file to download or directed users to log into a fake Office365 log-in page. This link is used to trick users into giving up their email credentials.We want to make sure that you did not provide any credentials via the malicious link. If you logged into the fake Office365 log-in page, users must change their RUNet passphrase immediately and please let the Help Desk know ASAP.