{"id":282,"date":"2015-11-11T12:19:55","date_gmt":"2015-11-11T12:19:55","guid":{"rendered":"http:\/\/blogs.kent.ac.uk\/unseenit\/?p=282"},"modified":"2015-11-11T12:28:18","modified_gmt":"2015-11-11T12:28:18","slug":"phishing-emails-using-dodgy-invoices","status":"publish","type":"post","link":"https:\/\/blogs.kent.ac.uk\/unseenit\/phishing-emails-using-dodgy-invoices\/","title":{"rendered":"Phishing emails using dodgy invoices"},"content":{"rendered":"<p>We have recently seen an large increase in the number of phishing emails directed at University accounts. These contain a downloading tool which downloads malware (usually a banking trojan).<\/p>\n<p>In order to stem the flow the IT Security Officer has been working in collaboration with the Server Infrastructure Team to implement additional signatures to help block these messages.<\/p>\n<p>The results shown below are for the 24 hr period 10-11 Nov 2015.<\/p>\n<p><a href=\"http:\/\/blogs.kent.ac.uk\/unseenit\/files\/2015\/11\/clam.png\"><img loading=\"lazy\" class=\"aligncenter size-full wp-image-285\" src=\"http:\/\/blogs.kent.ac.uk\/unseenit\/files\/2015\/11\/clam.png\" alt=\"clam\" width=\"1365\" height=\"884\" srcset=\"https:\/\/blogs.kent.ac.uk\/unseenit\/files\/2015\/11\/clam.png 1365w, https:\/\/blogs.kent.ac.uk\/unseenit\/files\/2015\/11\/clam-300x194.png 300w, https:\/\/blogs.kent.ac.uk\/unseenit\/files\/2015\/11\/clam-1024x663.png 1024w\" sizes=\"(max-width: 1365px) 100vw, 1365px\" \/><\/a><\/p>\n<p>This shows the &#8216;badmacro&#8217; signature blocking some 10,000 infected files.<\/p>\n<p>Please note that this solution is not a silver bullet. The malware authors and phishers are constantly working to defeat such protective measures and it is inevitable that some emails will slip through.<\/p>\n<p><strong>As with any email that you are not expecting or are suspicious of, just delete it.<\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>We have recently seen an large increase in the number of phishing emails directed at University accounts. These contain a downloading tool which downloads malware &hellip; <a href=\"https:\/\/blogs.kent.ac.uk\/unseenit\/phishing-emails-using-dodgy-invoices\/\">Read&nbsp;more<\/a><\/p>\n","protected":false},"author":38488,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[122],"tags":[],"_links":{"self":[{"href":"https:\/\/blogs.kent.ac.uk\/unseenit\/wp-json\/wp\/v2\/posts\/282"}],"collection":[{"href":"https:\/\/blogs.kent.ac.uk\/unseenit\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.kent.ac.uk\/unseenit\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.kent.ac.uk\/unseenit\/wp-json\/wp\/v2\/users\/38488"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.kent.ac.uk\/unseenit\/wp-json\/wp\/v2\/comments?post=282"}],"version-history":[{"count":5,"href":"https:\/\/blogs.kent.ac.uk\/unseenit\/wp-json\/wp\/v2\/posts\/282\/revisions"}],"predecessor-version":[{"id":290,"href":"https:\/\/blogs.kent.ac.uk\/unseenit\/wp-json\/wp\/v2\/posts\/282\/revisions\/290"}],"wp:attachment":[{"href":"https:\/\/blogs.kent.ac.uk\/unseenit\/wp-json\/wp\/v2\/media?parent=282"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.kent.ac.uk\/unseenit\/wp-json\/wp\/v2\/categories?post=282"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.kent.ac.uk\/unseenit\/wp-json\/wp\/v2\/tags?post=282"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}