Cyber threats -- Stay alert!

VCU has received advisory alerts from multiple sources indicating an elevated risk of cyber threats at this time. The threat actors are believed to be utilizing targeted phishing attacks to gain unauthorized access to large IT systems.

As a result, please be advised to stay extra vigilant and alert, and take the following precautions in the upcoming weeks:

1. Be aware of the following Tactics, Tools, and Procedures (TTP) used by some of these adversaries:

• The use of fake personas by the threat actors, pretending to be assistants to executives and researchers.

• Use of traditional email, as well as WhatsApp, SMS, and other alternative communications mechanisms.

• Use of fake Gmail or Microsoft login pages (Some actually hosted on Google Sites), as well as fake Google Meet or other virtual meeting invitations designed to steal credentials from victims.

• The use of Generative Artificial Intelligence (GenAI) tools in the creation of these phishing campaigns is generally free of spelling or grammatical errors.

2. Please take the following precautions when handling emails, texts, or other communications:

• Proceed with extra caution in dealing with inquiries from external researchers, executives, or other external individuals. When in doubt, check with your IT support unit or infosec@vcu.edu.

• Be extremely cautious of meeting invites from external parties, especially those from individuals you do not know.

• Be cautious of links in emails; hover over links or tap and hold links to reveal their destination. Please be advised that some malware or phishing websites can be hosted on legitimate services like Dropbox, X, or Google Sites. When in doubt, check with your IT support or infosec@vcu.edu.

• Be cautious when unknown individuals reach out to you via social media or text message platforms, such as SMS, WhatsApp, LinkedIn, or Telegram. Be especially cautious if they send you links or meeting invites, or ask for any proprietary information.