Phishing Alert: Email Claiming to be Fax Report Contains Link to Harmful Dropbox File

Wednesday, May 28, 2014

Computing Services and Systems Development (CSSD) is responding to reports of a new email phishing scam being received by members of the University community. The email claims to contain a link to an incoming fax. The email message actually links to a Dropbox download that contains a harmful .zip file.

If you receive this message (or any message similar to it), delete it without replying, opening any attachments, or clicking on any links within the email. The following is a sample of the recent fraudulent email:

* * * * * * * * * * * * * * * * SAMPLE * * * * * * * * * * * * * * *

From: Incoming Fax [mailto:no-reply@mail.pitt.edu]
Sent: Wednesday, May 28, 2014 11:50 AM
Subject: INCOMING FAX REPORT: Remote ID: 643-555-5555

INCOMING FAX REPORT

Date/Time: Wed, 28 May 2014 09:97:16 GMT
Speed: 4710bps
Connection time: 05:09
Pages: 0
Resolution: Normal
Remote ID: 643-555-5555
Line number: 8
DTMF/DID:
Description: Internal only

To download / view file please click here

* * * * * * * * * * * * * * END SAMPLE* * * * * * * * * * * * * *

CSSD strongly recommends that you do not reply to unsolicited emails or emails from unverifiable sources. Avoid clicking on links contained in such emails, as these may lead to sites that contain harmful software. If a link looks suspicious, you can hover over the link with your mouse to preview the URL without clicking on it.

In addition, CSSD recommends that all users install Symantec Endpoint Protection software and use the LiveUpdate feature to get the latest virus definitions. Symantec Endpoint Protection can be downloaded at no cost through the Software Download Service at My Pitt (my.pitt.edu).

Please contact the Technology Help Desk at 412 624-HELP [4357] if you have any questions regarding this announcement.


Get Help