Phishing emails using dodgy invoices

We have recently seen an large increase in the number of phishing emails directed at University accounts. These contain a downloading tool which downloads malware (usually a banking trojan).

In order to stem the flow the IT Security Officer has been working in collaboration with the Server Infrastructure Team to implement additional signatures to help block these messages.

The results shown below are for the 24 hr period 10-11 Nov 2015.

clam

This shows the ‘badmacro’ signature blocking some 10,000 infected files.

Please note that this solution is not a silver bullet. The malware authors and phishers are constantly working to defeat such protective measures and it is inevitable that some emails will slip through.

As with any email that you are not expecting or are suspicious of, just delete it.

Leave a Reply