Please be advised that there are suspicious emails circulating that are targeting members of the Fordham Community. The subject line of these emails contain the words “sent you files via WeTransfer”. The messages contain a file download link from a seemingly legitimate email source. However, the file itself instructs the user to go to a phishing site and enter confidential information.
These are not legitimate emails and should be reported immediately.
Please remain diligent and avoid giving any personally identifiable information through email. Files sent via WeTransfer can be easily crafted to look like they are from legitimate email addresses and even trusted third parties. Do not assume a message from WeTransfer is trustworthy based on the displayed name of the sender. Pay attention to the sender of the email and if something appears suspicious, contact the sender directly to verify the messages legitimacy. DO NOT respond via email. If direct contact with the sender is not possible, please contact ITCC for assistance.
The content of the email is as follows:
————Start of Message————
From: WeTransfer <email@example.com>
Subject: firstname.lastname@example.org sent you files via WeTransfer
————End of Message————
Please remember that Fordham IT will NEVER ask you for your username and password or ask you to click any links to validate or verify your account or password. If you receive questionable or suspicious communications, contact IT Customer Care and allow the University Information Security Office (UISO) to validate the legitimacy of these communication attempts.
(Photo from – http://everhelperblog.com/new-nimbus-note-iphone-manual-note-encryption/ )
Ransomware, and malware like other types of cyber-attacks can be prevented with regular maintenance and vigilance.
- Back up your files
- Set your system to do regular backups of your important information.
- Don’t forget to back up your mobile devices as well. Including tablets, iPads, and cell phones.
- Encrypt your files whenever you can
- Be sure to patch and update all of your software.
- Your software providers are constantly working to keep your OS and applications running smoothly, this includes patches to close up vulnerabilities.
- If you suspect any suspicious activity, or believe you may have downloaded a malicious file.
- Disconnect from the internet, this way no other devices are affected on the network.
- Contact Fordham IT and provide them as much information as you can.
- Fordham IT will work with public safety and local law enforcement to help you attempt to recover your files and protect you from future attacks.
Detailed information regarding Ransomware or Malware scams and other IT security topics are available on our IT Security website at: www.fordham.edu/SecureIT or from our blog at fordhamsecureit.blogspot.com
If you have any questions or concerns, please contact IT Customer Care at (718) 817-3999 or via email to: HelpIT@fordham.edu.
This is a Suspicious email that has been reported. This message was
received on or about July 31st, 2017. Please DO NOT respond to this
message or anything that looks like it. You may disregard and delete
this message. If you have any questions about the validity of this email
please contact IT Customer Care at 718-817-3999 or via email:
——————–Begin Message ——————————
Date: Mon, Jul 31, 2017 at 11:59 AM
Subject: Scanned image from MX-2600N
Reply to: email@example.com <firstname.lastname@example.org>
Device Name: Not Set
Device Model: MX-2600N
Location: Not Set
File Format: Microsoft Office Word
Resolution: 200dpi x 200dpi
Attached file is scanned image in DOC format.
Document password: LRAKRFT
Creation date: Mon, 31 Jul 2017 20:29:21 +0430
*This Email Has An Attached Word Document That Is Password Protected*
——————–End Message ——————————