A trusted third party information source has notified Purdue University that we have been explicitly targeted in an active, targeted, persistent spear phishing campaign. The attacker’s attempt to trick users into opening an infected PDF file in order to compromise a system. The attachment may come as one of the following or similar examples:
a) Staff_Changes(purdue).zip, or similar
b) Any_Staff_Changes_About_Purdue_University.exe or similar
c) Leveraging_Ethernet_Card_Vulnerabilities_in_Field_Devices.pdf or similar
If you receive e-mails with or without attachments from unknown sources or you receive information you did not request in the form of an attachment, do not open these attachments or click on any links embedded in the e-mail.
If you receive one of these e-mails or other suspicious E-Mails, please forward them to firstname.lastname@example.org as an Outlook Item attachment.
Purdue University, other organizations or businesses will never ask you for your password and/or sensitive and protected information via e-mail. Please be careful where you click.
If you have any questions or concerns please e-mail the Customer Service Center at email@example.com , or you can call them at extension 2888 option 2.
Filed under Security Alerts.