Software Services Scams

Sophisticated Phishing Campaign Targets Microsoft OneDrive Users

July 30, 2024
By Infosecurity Magazine

Security researchers have uncovered a sophisticated phishing campaign targeting Microsoft OneDrive users.

Read Article

Back to Top

ITS Fraud Warning: IMPORTANT UPDATE FROM THE ADMIN

September 16, 2022

If you received a similar email to that below, please report it with the Phish Alert button or delete it.

 

ITS Warning: MICROSOFT SECURITY ALERT!!

April 20, 2022

If you have received an email with the subject MICROSOFT SECURITY ALERT!!, please delete or report it via the Phish Alert button. If you have interacted with the link, contact the Help Desk immediately.

 

ITS Notification: We found a harmful file in your email environment

March 29, 2022

Please delete the following warning message(s) from Mimecast. The harmful file has been removed. We are working to stop the unnecessary warning emails. We apologize for the inconvenience.

 

Back to Top

Microsoft/PayPal Phishing Campaign Circulates

August 17, 2021

If you receive an email in regards to expiring subscriptions from Microsoft, but their domain is not related or officially from Microsoft, please delete the email as this is a phishing attempt. If you have clicked any links or interacted with the email, please contact the Help Desk. 

 

Microsoft Security or Tech Support Pop-Up Scam

January 29, 2021

System(s) Affected: Microsoft Windows Computers

Microsoft Windows users may have a pop-up appear that directs them to call a phone number for technical support. Do not call this phone number. Do not interact with this pop-up. If necessary, turn off the computer to get past the pop-up. If this happens to you, please reach out to the Help Desk for assistance.

Refer to this document from Microsoft for further details:
https://support.microsoft.com/en-us/windows/protect-yourself-from-tech-support-scams-2ebf91bd-f94c-2a8a-e541-f5c800d18435

Back to Top

DocuSign Phishing Campaign

November 19, 2020

Read more here.

 

Office 365 Phishing Attack

January 15, 2020

Trying to steal your username and password is so “yesterday.” The 2020 Hacker is now leveraging Office 365 OAuth APIs to gain control over user mailboxes with phishing tactics.

Read more here at the source: https://blog.knowbe4.com/new-office-365-phishing-attack-targets-oauth-apps-instead-of-credentials

Back to Top

DocuSign Scam

August 5, 2019

"Your document has been completed" message is a fraudulent one, attempting to steal your username and password credentials. Please delete it without opening it. As Dropbox is a common platform used by organizations to share and access files remotely, there is a significant threat to account and college network security. This attempt consists of unsolicited email with an embedded URL that redirects users to a fraudulent Dropbox login page designed to mimic the legitimate website.

 

Termination Checklist Scam

June 5, 2019

​An email that looks like a OneDrive share, may come from your own email address or another email at hccc.edu. The link is not to Microsoft OneDrive, and is an attempt to steal your login credentials. If you have clicked the link, please contact the Help Desk. 

 

Quarantine Messages Scam

June 5, 2019

​If you receive an email saying it is from "Hccc", Microsoft, or any unfamiliar address, and is stating you have incoming messages that have been moved to quarantine, immediately delete it and do not open any attachments or links for this is a phishing attempt. If you clicked a link or interacted with the email, please contact the Help Desk.

 

Office 365 Urgent Request Scam

May 27, 2019

NJCCIC reports a new phishing campaign that claims to come from the “Office 365 Team”. The email warns the user that their account is going to be deleted unless the request is cancelled within the hour. This new campaign employs the old tactic of creating a sense of urgency to convince users to take risky actions, such as clicking on a link in an unexpected email. Once clicked, the link directs the user to a fraudulent Microsoft Office Support Account Update page that prompts the user to sign into their account in order to cancel the request. Once the user’s credentials are entered and submitted, they are sent to the threat actors and the user is redirected to a landing page with a “thanks!” message. The login and other landing pages were created using Excel Online. As always, if you have concerns with a message, report it to the Help Desk using spamFREEHUDSONCOUNTYCOMMUNITYCOLLEGE or call. If you have clicked on a link in this email, contact the Help Desk.

Back to Top

Dropbox Account Scam

September 5, 2018

A phishing campaign has been detected targeting NJ state employees, that could potentially affect HCCC. As Dropbox is a common platform used by organizations to share and access files remotely, there is a significant threat to account and college network security. This attempt consists of unsolicited emails with an embedded URL that redirects users to a fraudulent Dropbox login page designed to mimic the legitimate website. Recent subject lines associated with this campaign include “Sent from,” “Invoice File From,” “Kindly Review,” and “Scanned from a Xerox Multifunction Printer.” According to Proofpoint’s “The Human Factor Report 2018,” Dropbox account phishing was the top phishing attack by volume. If you receive an invitation to access a file from Dropbox that you are not expecting, verify independently with the sender that it is legitimate.

 

SharePoint/OneDrive Scam

September 5, 2018

​Be aware of phishing attempts to steal credentials for Microsoft OneDrive and SharePoint services. Both phishing campaigns employ emails containing URLs that direct unsuspecting users to fraudulent websites that appear to look like the legitimate Microsoft login webpage. When the user logs in, their credentials may be sent to an external site controlled by the threat actor, saved in a text file for later retrieval by the threat actor, or emailed to an email address controlled by the threat actor. Then the user is frequently redirected to the legitimate Microsoft login webpage, which displays that their login failed to process and will need to log in again. Alternatively, a PDF or other document may be opened and displayed to the user to avoid suspicion. Threat actors target file-sharing sites since they are commonly used for business purposes and may provide access to sensitive information.

Always avoid clicking on links contained in unsolicited or otherwise suspicious emails. If you are uncertain of the email’s legitimacy, contact the sender via phone or text message. If you have fallen victim to this ruse, we recommend that you change passwords for all accounts that use the same login credentials and enable multi factor authentication going forward.

 

Approval Required Scam

September 5, 2018

"Your Approval is Required!" message is a fraudulent one, attempting to steal your username and password credentials. Please delete it without opening it. As Dropbox is a common platform used by organizations to share and access files remotely, there is a significant threat to account and college network security. This attempt consists of unsolicited email with an embedded URL that redirects users to a fraudulent Dropbox login page designed to mimic the legitimate website. The message looks like this:

Back to Top