Loyola Information Security Blog

Well organized fraudsters are running a scam using social media and word-of-mouth primarily targeting international students at U.S. colleges and universities. The fraudsters offer discounts on school tuition if the victim makes a tuition payment via the fraudsters. Victims are subsequently asked to provide their credentials to the school’s online tuition payment portal in order […]

Several Loyola staff and faculty have received an email that appears to be from a Loyola ITS department requesting that they verify the “security of their account.” Clicking their “Loyola Security” link will bring you to a non-Loyola webpage. From what we understand the page’s intent is to only harvest information, namely the UVID and password. […]

Beware of a new email phishing scam that is targeting Loyola. The email will be similar to the text below, and contains a link to a non-Loyola site that will collect your user credentials.  The linked site is now blocked for users on the University network.   Your LUC mailbox has exceeded it storage limit […]

Early this morning, Loyola email users may have noticed an email in their inbox that appears ot come from a legitimate source containing a Word document that has an embedded program that attempts to install ransomware named “Locky” The email looks to be from: ebilling@angelsprings.com and has the subject line: “Your Latest Documents from Angel […]

Several Loyola staff and faculty have received an email that appears to be from a Loyola email address requesting that they change their password. The link in the email will open to a page that looks to be an official Password Change page from the university.  Although this page is not in the normal Loyola […]

What is believed to be the first JavaScript-based ransomware-as-service is spreading. Because of the way it works, Called Ransom32, it is likely to be able to infect multiple operating systems including Windows Mac and Linux. It is generally spread via phishing type email and is contained in a self executing ZIP file attachment that is […]

Beware of a new phishing scam circulating campus. The email will be similar to the following, and contains a OneDrive link to a malicious executable. From: “MICROSOFT SECURITY” <g.contento@masteronline.biz> To: <UVID@luc.edu> Subject: SUSPICIOUS ACCOUNT ACTIVITY!!! Reply-To: <g.contento@masteronline.biz> If the phishing attachment was opened or clicked, please call the ITS Help Desk for assistance at (773) […]

Beware of a new phishing scam circulating campus.  The email will be similar to the following, and contains a Google Drive link to a malicious executable. From: “info@slicedcreative.co.uk” <info@slicedcreative.co.uk> Date: October 2, 2015 at 12:32:31 PM CDT To: <UVID@luc.edu> Subject: Swift payment copy. Reply-To: <gjdariye@excite.com> If the phishing attachment was opened or clicked, please call […]

Beware of a phishing attempt going around which contains a malicious email attachment. The email will have a similar format to: From: fax@luc.edu <fax@luc.edu> Subject: FW: Fax-46787543675.doc <Fax-46787543675.doc> is attached.   If the phishing attachment was opened or clicked, please call the ITS Help Desk for assistance at (773) 508 – 4487.  Also, if you receive a suspicious email […]

Beware of a new phishing attempt going around asking users to follow a link to access some e-mail messages. The Information Security Office has received many notifications of this e-mail floating around. The e-mail format is as follows: “Subject: Re: Urgent/Important Maintainance Dear user@luc.edu, In regards to the ongoing maintainance. Some of your important messages […]