News

  • Phishing Attempt Subject: Alerte de sécurité!

    The email below is an example of a Phishing Attempt that was received by users on campus. If you’ve received this email, do not click on any of the contained links and delete it from your inbox.

    Please note that Brock will never send emails asking for your personal information.

    If you identify an email you think is a phishing attack, or you are concerned you may have fallen victim, contact the service desk at x4357 or email us at itsecurity@brocku.ca

    Phishing Email: 

    Je vous salue!

    J’ai de mauvaises nouvelles pour vous.
    10/11/2018 – ce jour-là, j’ai piraté votre système d’exploitation et obtenu un accès complet à votre compte à partir: xxxxx@brocku.ca

    Pas la peine de changer le mot de passe, mon logiciel malveillant l’intercepte à chaque fois.

    Comment c’était:
    Le logiciel du routeur auquel vous étiez connecté ce jour-là comportait une vulnérabilité.
    J’ai d’abord piraté ce routeur et y ai placé mon code malveillant.
    Lorsque vous êtes entré sur Internet, mon cheval de Troie était installé sur le système d’exploitation de votre appareil.

    Après cela, j’ai effectué une sauvegarde complète de votre disque (j’ai tout votre carnet d’adresses,
    l’historique des sites de visionnage, tous les fichiers, les numéros de téléphone et les adresses de tous vos contacts).

    Il y a un mois, je voulais verrouiller votre appareil et demander un peu d’argent pour le déverrouiller.
    Mais j’ai jeté un œil sur les sites que vous visitez régulièrement, et j’ai eu grand plaisir à voir vos ressources préférées.
    Je parle de sites pour adultes.

    Je veux dire – tu es un grand pervers. Vous avez une fantaisie débridée!

    Après cela, une idée m’est venue à l’esprit.
    J’ai fait une capture d’écran du site Web intimeoù vous contentez-vous (Comprends-tu ce que je veux dire?).
    Après cela, j’ai fait une vidéo de votre plaisir (en utilisant la caméra de votre appareil). Il s’est avéré magnifique!

    Je suis fermement convaincu que vous ne voudriez pas montrer ces photos à vos parents, amis ou collègues.
    Je pense que 304€ est une très petite somme pour mon silence.
    En plus, j’ai passé beaucoup de temps sur toi!

    J’accepte de l’argent uniquement en Bitcoins.
    Mon portefeuille BTC: 12EMAbSboa1nvg518vcjvogSL4aDwaUCv9

    Vous ne savez pas comment reconstituer un portefeuille Bitcoin?
    Dans n’importe quel moteur de recherche, écrivez “comment envoyer de l’argent à un portefeuille de la BTC”.
    C’est plus facile que d’envoyer de l’argent à une carte de crédit!

    Pour le paiement, vous avez un peu plus de deux jours (exactement 50 heures).
    Ne vous inquiétez pas, la minuterie commencera au moment où vous ouvrez cette lettre. Oui, oui .. cela a déjà commencé!

    Après paiement, mon virus et vos photos sales avec vous s’autodétruisent automatiquement.
    Si je ne reçois pas le montant spécifié de votre part, votre appareil sera bloqué et tous vos contacts recevront une photo avec vos “joies”.

    Je veux que tu sois prudent.
    – N’essayez pas de trouver et de détruire mon virus! (Toutes vos données sont déjà téléchargées sur un serveur distant)
    – N’essayez pas de me contacter (ce n’est pas faisable, je vous ai envoyé un email depuis votre compte)
    – Divers services de sécurité ne vous aideront pas. formater un disque ou détruire un périphérique ne vous aidera pas non plus, puisque vos données sont déjà sur un serveur distant.

    P.S. Je vous garantis que je ne vous dérangerai plus après le paiement, car vous n’êtes pas ma seule victime.
    C’est un code d’honneur des hackers.

    À partir de maintenant, je vous conseille d’utiliser de bons antivirus et de les mettre à jour régulièrement (plusieurs fois par jour)!

    Ne soyez pas en colère contre moi, tout le monde a son propre travail.
    Adieu.

    Tags:
    Categories: Cyber Security

  • Phishing Attempt Subject: Account Problem

    The email below is an example of a phishing attempt that was received by users on campus. If you’ve received this email, do not click on any of the contained links and delete it from your inbox.

    If you identify an email you think is a phishing attack, or you are concerned you may have fallen victim, contact the Help Desk at x4357 or email us at itsecurity@brocku.ca.

     

    Phishing Email:

    Yоu mау nоt know me and уоu аrе prоbablу wоndering why you arе gеtting this е mаil, right?
    I’m а haсkеr whо cracked your dеvices a fеw mоnths аgо.
    I sеnt you аn emаil frоm YOUR haсkеd аcсount.
    I setup a mаlwаre оn the аdult vids (pornо) web-sitе and guess whаt, you visited this site to hаve fun (yоu know what I mean).
    While уоu were wаtching vidеоs, уоur internet brоwser stаrtеd оut functioning аs а RDP (Rеmote Control) having a kеуloggеr which gаve me аccеssibility to yоur scrееn аnd web cam.
    aftеr thаt, mу softwаre prоgrаm оbtainеd аll оf your соntасts and files.

    Yоu еntеred а passwоrds on thе wеbsites yоu visited, and I intеrсеpted it.

    Of cоurse уou сan will change it, оr alrеadу сhаnged it.
    But it doesn’t matter, mу malwarе updatеd it everу timе.

    What did I do?
    I crеаtеd а double-sсrееn video. 1st part shоws the vidеo уou werе watching (yоu’vе got a gооd taste hahа . . .), аnd 2nd part shоws the recоrding оf yоur wеb саm.
    Dо nоt try to find аnd dеstroу my virus! (All yоur dаta is аlready uploаdеd tо a rеmоtе sеrvеr)
    – Do not try tо сontаct with me
    – Vаrious sесurity sеrviсеs will not help уоu; formаtting а disk or dеstrоуing а dеvicе will nоt hеlp еithеr, sinсе yоur dаta is аlreadу on а remоte server.

    I guаrаnteе yоu that I will not disturb you аgаin after paуment, as you аre nоt mу single viсtim. This is a hасkеr codе of honor.

    Don’t be mad at mе, evеrуone has their оwn work.
    eхaсtly whаt shоuld уou do?

    Well, in my opinion, $695 (USD) is a fаir price for our littlе secrеt. Yоu’ll mаke the payment bу Bitсоin (if уоu do not know this, sеаrсh “hоw to buу bitcoin” in Gоoglе).

    Mу Bitсоin wallеt Addrеss:

    1FVz43GH5s4Ja7SNHxRbCXz6KLXG1ggFh3

    (It is сAsE sеnsitivе, sо copy аnd pаstе it)

    Impоrtаnt:
    You hаvе 48 hour in order to makе thе pауmеnt. (I’ve а fасebook pixel in this mail, аnd at this moment I knоw thаt уоu hаve reаd through this еmаil messаgе).
    Tо traсk the reading оf а messаge аnd the аctiоns in it, I use the fаcebook pixеl.
    Thanks to thеm. (Everything that is used for thе аuthorities сan hеlp us.)
    If I dо nоt gеt the BitCoins, I will сertаinlу sеnd out yоur vidео recording to all of уоur cоntaсts including relаtives, cоworkers, and sо on. Hаving sаid thаt, if I receive thе pауment, I’ll dеstroу thе vidеo immidiаtеlу.
    If you nееd еvidеnce, rеplу with “Yеs!” and I will сertаinly sеnd оut your vidеo reсоrding tо your 6 сontаcts. It is а non-negotiablе offеr, that bеing sаid dоn’t waste my personаl time and уours bу responding tо this mеssage.

    Tags:
    Categories: Cyber Security

  • Phishing Attempt Subject: Expense

    The email below is an example of a Phishing Attempt that was received by users on campus. If you’ve received this email, do not click on any of the contained links and delete it from your inbox.

    Please note that Brock will never send emails asking for your personal information.

    If you identify an email you think is a phishing attack, or you are concerned you may have fallen victim, contact the service desk at x4357 or email us at itsecurity@brocku.ca

    Phishing Email: 

    From: T*****n <executive.mails@earthlink.net>
    Sent: November-19-18 10:39 AM
    Subject: Expense

    Hi,

    Are you available? I need you to get something done for me ASAP.

    Regards,

    This email appears to be sent from a person known to the department. After replying to the above email this arrives:

    Hi,

    I am looking forward to surprise some of the staffs with Apple iTunes Gift Card. I want you to keep it between us pending when they get it. So therefore, I need Apple iTunes Gift Card of $100 face value each. I need 25 pieces of it amounting to $2500. I need you to get the physical card, then you scratch the back out and take a picture of them, attach the pictures showing the pin and email it to me. How soon can you get this done?

    Regards,

     

     

     

    Tags:
    Categories: Cyber Security

  • Beware of Phishing!

    During national cyber security awareness month, we would like to remind Brock to be vigilant when responding to emails or clicking on links contained within.

    It has recently been brought to our attention that a seemingly innocent email has been received by faculty and staff simply asking, “Are you available?” from a sender name known to the department. However, this is a phishing email and if you respond you will soon receive a follow up asking for iTunes gift card codes to be sent.

    Don’t take the bait. To identify suspected phishing emails:

    • Check that both the sender name and reply to email address are what you expected to see before responding. From addresses/sender names are easily forged and can look like the message came from someone you know.
    • Click only on links that you are expecting.
    • Hover your mouse over a suspicious link to see the true destination without having to click on it.
    • Grammar and spelling errors can indicate a phishing email.

    Learn more about Phishing and Social Engineering on the ITS Cyber Security website. You can also view recent examples of phishing emails received at Brock here.

    If you are concerned that you may have fallen victim to a phishing email contact the Help Desk at x4357 or email us at itsecurity@brocku.ca

    Tags:
    Categories: ITS News and Events

  • Phishing Attempt Subject: Hello

    The email below is an example of a Phishing Attempt that was received by users on campus. If you’ve received this email, do not click on any of the contained links and delete it from your inbox.

    Please note that Brock will never send emails asking for your personal information.

    If you identify an email you think is a phishing attack, or you are concerned you may have fallen victim, contact the service desk at x4357 or email us at itsecurity@brocku.ca

    Phishing Email: 

    From: P*****s <p***********@gmail.com>
    Sent: Tuesday, October 16, 2018 6:36 PM
    Subject: Hello

     

    Are you available?

    If you respond to this message, you will receive a followup email requesting iTune gift cards.

    Tags:
    Categories: Cyber Security

  • Phishing Attempt Subject: Attached CV

    The email below is an example of a Phishing Attempt that was received by users on campus. If you’ve received this email, do not click on any of the contained links and delete it from your inbox.

    Please note that Brock will never send emails asking for your personal information.

    If you identify an email you think is a phishing attack, or you are concerned you may have fallen victim, contact the service desk at x4357 or email us at itsecurity@brocku.ca

    Phishing Email: 

    From: Jani E****
    Subject: Attached CV
    Date: October 10, 2018 at 8:14:48 AM MST

     

    How are you doing?

    I’m interested in applying.

    I have attached my Resume for your viewing.

    The password for the file is 1234

    Please see the attached file.

    Thanks.

    Tags:
    Categories: Cyber Security

  • Brock Campus ID and password not to be shared

    A Brock University Campus ID and password is for the exclusive use of the account owner and must not be shared under any circumstances.

    The following is an excerpt from the End User Logical Access Standards found at “https://brocku.ca/policies/wp-content/uploads/sites/94/End-User-Logical-Access-Standards.pdf

    “A user account, which allows a user to access Brock IT systems and data, is provided to an individual for their exclusive use. A user is prohibited from sharing their account(s) and / or password(s) with others. An authorized user is at all times responsible and accountable for the use of their account.”

    Tags:
    Categories: ITS News and Events

  • Phishing Attempt Subject: URGENT: A Police Emergency on Campus

    The email below is an example of a Phishing Attempt that was received by users on campus. If you’ve received this email, do not click on any of the contained links and delete it from your inbox.

    Please note that Brock will never send emails asking for your personal information.

    If you identify an email you think is a phishing attack, or you are concerned you may have fallen victim, contact the service desk at x4357 or email us at itsecurity@brocku.ca

    Phishing Email: 

    From: Jaganath, Christa
    Sent: June-26-18 12:58 PM
    Subject: URGENT: A Police Emergency on Campus
    Importance: High

    Hello All,

    There is an emergency situation reported on Campus earlier. Kindly view MEMO released and endeavor to follow outlined protocol;

    Thanks

    Jaganath, Christa

    Brock University,
    1812 Sir Isaac Brock Way, St. Catharines,
    ON L2S 3A1, Canada
    All rights reserved.

    Tags:
    Categories: Cyber Security

  • Phishing Attempt Subject: RE: For Space

    The email below is an example of a Phishing Attempt that was received by users on campus. If you’ve received this email, do not click on any of the contained links and delete it from your inbox.

    Please note that Brock will never send emails asking for your personal information.

    If you identify an email you think is a phishing attack, or you are concerned you may have fallen victim, contact the service desk at x4357 or email us at itsecurity@brocku.ca

    Phishing Email: 

    Phishing Email

    Your account will be suspended by Facebook Help-desk Team, you can no longer send request or add anyone on your Facebook. To avoid complete deletion of your Facebook account in less than 10 Mins from this announcement, Please Click on VALIDATE to upgrade your account immediately.

    Fail to do that your Facebook account will be block

    IT Service Desk Support Team

    Tags:
    Categories: Cyber Security

  • Phishing Attempt Subject: RE: For Space.

    The email below is an example of a Phishing Attempt that was received by users on campus. If you’ve received this email, do not click on any of the contained links and delete it from your inbox.

    Please note that Brock will never send emails asking for your personal information.

    If you identify an email you think is a phishing attack, or you are concerned you may have fallen victim, contact the service desk at x4357 or email us at itsecurity@brocku.ca

    Phishing Email: 

    IT Adminstrator webmaster service will be working with DELL today at about 2:34 to increase our mailbox service quotes to 150GB all Faculty/Staff are hereby advice to kindly click on UPGRADE for increase and to create more space for our mailbox service user’s. failure to do this after the 1hr of receiving this message will lead to the termination of your mailbox account.

    Admin service term.

    Helpdesk 2017

    Tags:
    Categories: Cyber Security