A warning has been issued about a phishing campaign specifically targeting NJ State Employees and Users, which attempts to download a banking Trojan onto targeted systems via a Microsoft Word document.
As reported, “Recent email subject lines associated with this phishing campaign begin with words such as ‘Payment,’ ‘Inv,’ ‘Acknowledge,’ and ‘Account,’ followed by a various letter/number combination.” Opening the attachment in the email results in the threat actor obtaining login credentials and other sensitive data.
This is a reminder to never click on links or open attachments delivered with unexpected or unsolicited emails. Please continue to report suspicious messages to abuse@tcnj.edu.