We were alerted to the email below. Please read carefully and share with your units. W2 Forms in our district will NOT be distributed electronically so any such email should be ignored. Thank you. Mara NEW YORK STATE OFFICE OF INFORMATION TECHNOLOGY SERVICES CYBER-THREAT ALERT DATE ISSUED: January 23, 2016 January 25, 2016 UPDATED SUBJECT: Active Email Phishing Threat OVERVIEW: The NYS ITS CSOC has been notified of an active phishing email threat targeting government agencies. We have received reports of a well-crafted phishing email circulating in the past two weeks at several US universities and in neighboring states. The email notifies employees that their electronic W2s are available and encourages them to click to login and view/print their W2s. The link takes them to a landing page which has been made to look like the organization’s Human Resources site. Those who fall victim to the phishing email may have their personal information compromised, including login, password, tax information, bank account information, personal contact information and benefit information. Two sample emails are provided below. Please note that there are several variants. ORIGINAL INDICATORS OF COMPROMISE:
· Email was sent from email domain email.ufrb.edu.br · IP address resolution for the email domain resolves to 200.128.85.35 · The link in the email sent from the email domain redirects to a URL in the domainhxxp://xxx.flirtingvision.co.nz (this domain is still active) RECOMMENDATIONS:
If you have any questions or concerns please direct your inquiries to [email protected] or by phone at 242-5211. Cyber Security Operations Center NYS Enterprise Information Security Office Office of Information Technology Services (ITS) 1220 Washington Avenue, Building 5 – 1st Floor Albany, New York 12226 Main Phone: 518-242-5211 | [email protected] Website: http://www.its.ny.gov/eiso Comments are closed.
|
Archives
September 2024
Categories |