To access this content, log in with your DuckID. The page will now redirect to the login page. If it doesn't automatically redirect you, please click here to login.

Employee Performance EvaIuation

 
 
Submitted by iso-epperson on
Alert Type
Phishing Email (in the wild)
Date Entered
From
Janice Boop <jboop@warren.edu>
Date Sent
Message Content

This email attempts to prompt University of Oregon faculty into completing an urgent assessment to "reflect on past achievements." Upon clicking the link, users are directed to a login page requesting their credentials — posing a significant security risk, as this may capture university, personal, or other valid account information.

The email was CC'd to faculty members and department accounts across the University of Oregon, Portland State, and Oregon State, further supporting that this is a phishing attempt.

While the sender's domain "warren[.]edu" is legitimate and belongs to Warren County Community College, the account appears to have been compromised and used to distribute this message.

Image
After decoding the link and running it in a sandboxed environment, here is what can be seen.
Here is the body of the senders email.