Known and Reported Threats

Ransomware On Your Personal Computer

What Should You Do?

  • If the threat does not appear in the list below, you can report it to LIS by clicking the “Internet Threat Report” link below.
  • Report it to Google from inside the message by clicking the arrow next to Reply, clicking More, then Clicking Report phishing.
  • Ignore or delete the message.
  • If you replied, clicked a link, provided any information through a form, or opened an attachment, reset your Carthage password and scan your computer for malware (Windows, Mac).
  • Email help@carthage.edu for questions or concerns.
  • Internet Threat Report

Message or Warning

Click on a link in the menu below to see more information about each threat.

If you know of a threat, please submit the form below to let Library and Information Services know:

Internet Threat Report

The following email went out from Carthage Library and Information Services about a legitimate training requirement from LIS and Carthage. Please take this message seriously and complete the training. The text of the email is below.

Hi xxxx@carthage.edu.

As indicated in our previous email, you currently have 1 assignment awaiting your completion. Please click the link below to register on our training platform called Cyber Risk Aware and complete your assigned training by 6/25/2022 4:30:00 AM.

Carthage College CyberRickAware Portal

Feel free to rate and provide feedback when prompted upon completion of this training.

Thank you,

Library and Information Services

We’ve been made aware of an email hoax that presents the subject “I.T EVALUATION.pdf” that is signed as John Swallow with link and an “OPEN” button.  Please avoid opening or interacting with this email.  

-Library and Information Services

caturner@ucmo.edu has shared the following item:
Today,
We are urgently conducting a short 5-minute survey about employee efficiency which requires staff to participate.
Your input is critical and will help carry out our responsibilities.

John R. Swallow
President
 
I.T EVALUATION.pdf

A recent phishing attempt via calendar invite has been identified and is actively being delivered in higher education institutions.  The Meeting title is “Customer Service Review”, the email may appear to come from users from within our @carthage.edu domain.  Please be cautious when acceppting any calendear invites you are not familar with. 

-Library and information Services

We’ve been made aware of  a phishing attempt that contains the following information and link to a “google doc”, please be on the lookout.  Text of email: 

See the changes in your Google Document “Contact Me - Form”: CLICK HERE

A user last made changes on 1/23/2022 1:09pm (India Standard Time) regarding the below:

  • Form submit

____________________________________________________

Powered by Google Docs

This is to notify all Carthage College Students and Staffs that we are validating active accounts.

Kidnly confirm that your account is still in use by clicking the validation link below:

Validate Email Account

Please note that any unvalidated accounts will be marked as disused and subsequently deleted within 72 hours.

Sincerely,

 

IT Help Desk
Carthage College Office of Information Technology

It’s tax season and attackers are capitalizing on that with this phishing email: 

Accounting and tax software provider Intuit has notified customers of
an ongoing phishing campaign impersonating the company and trying to
lure victims with fake warnings that their Turbo Tax (Intuit) accounts have been
suspended.

Intuit’s alert follows reports received from customers who were
emailed and told that their Intuit accounts were “disabled following a
recent server security upgrade”

Email Typically Reads:

“We have temporarily disabled your account due to inactivity. It is
compulsory that you restore your access within the next 24 hours,”
the attackers say in the phishing messages, masquerading as the
Intuit Maintenance Team. “This is a result of recent security upgrade
on our server and database, to fight against vulnerability and
account theft as we begin the new tax season.”

A new phishing campaign is installing the BazarLoader/BazarBackdoor trojan through malicious CSV files. BazarBackdoor is a stealthy backdoor malware created to provide threat actors remote access to an internal device that can be used as a springboard for further lateral movement within a network. The phishing emails pretend to be “Payment Remittance Advice” with links to remote sites that download a CSV file with names similar to “document-21966.csv.”

Subject: Employee Benefit Program

Date: 1/18/2022

From: Stormy Crawford <crawfords@wbu.edu> or Denise P. Barrett <denise.barrett@famu.edu></denise.barrett@famu.edu></crawfords@wbu.edu>

The Employee Assistance Program (E.A.P.) will be supporting all employees with cash assistance as part of a benefit plan to help employees get through the hard times due to the COVID-19 pandemic.

The Employee Assistance program will provide $3,700 in assistance to all qualified employees after applications are reviewed, processed, and approved.

Visit the Employee Benefits portal and follow all instructions carefully and enter the most appropriate details to apply.

Note: the support program is only available to qualifying employees. All the information requested is required for your application to be processed.

Sincerely,

*Stormy Crawford*

Self-Service Admin