Warning for phishing – package delivery
Information from the Incident Response Team (IRT) to all co-workers: we are seeing a large increase in sophisticated phishing attempts at the moment. Some of these target LiU specifically, such as the previous phishing attempt against the library. Others are indirect, and these can also expose LiU co-workers to risk.
In recent weeks hundreds, possibly thousands, of phishing domains have been registered, and these are now waiting to be activated and used. Most of them seem to concern postal services in the Nordic region. Some authentic websites have also been hacked, and now link to phishing sites. Several of these web pages are not just phishing sites: they also spread malware.
LiU has received several email messages that contain links to phishing sites, and analysis of these shows that they are unusually well-crafted and extremely difficult to recognise as phishing. In most cases, it is the address that reveals that the emails contain deceitful contents.
An example of a phishing attempt that has been sent to LiU in recent days (right click and open the image in a new tab to see it a larger version):
A screen dump that shows a page in Swedish that claims that the attempted delivery of a package has not been successful, and that the receiver is to arrange a new delivery attempt.
Several of the links on the page are to Postnord’s legitimate site, which makes the phishing page more credible. All of the links claiming to solve the problem given in the email message are to a page that requests information about you as a person and your payment information. This page also is identical to the PostNord webpage.
What should co-workers do?
- To keep track in a safe manner of your private packages and posted items: use the PostNord app – Spåra dina paket (published by PostNord Group AB), or Mina paket (published by Unifaun), which manages items sent by several different suppliers. You can track the delivery of your packages in these apps. It’s possible to change the language setting to English for the apps.
Alternatively, visit, for example, the PostNord website in a web browser and track your items with the aid of the tracking number or package identifier.
- Activate two-step verification on your LiU account to make the account more secure against unauthorised log in. Using two-step verification you can prevent unauthorised log ins to your account.
As always, we encourage you to report to the IRT if you:
- have been the target of phishing that is in your opinion particularly convincing
- have been the target of an attempt to spread malware that is in your opinion particularly convincing.
- have been the target of attempted fraud, particularly if account numbers or other bank details have been sent to you.
The Incident Response Team (IRT) updates protection at LiU as it receives information about malicious email or links, but in order to ensure that all aspects of the protection are fully effective it is necessary that co-workers are connected to a LiU network or connected to a LiU network through our VPN.
A tip to make it easier to remember to start VPN is to pin the app in the taskbar or Dock:
Windows: open the app. Right-click on the app icon in the taskbar and select Pin to taskbar.
MacOS: open the app. Right click on the app icon in the Dock. Click Options and Keep in Dock.
Subscribe to IT news
Receive a newsletter for LiU employees 4 times per semester with IT news. The newsletter is in Swedish, but many of the included articles are available in English. Subscribe here!
Latest IT related news
- Warning for phishing – package delivery (2020-11-18)
- Spam with faked library login screen (2020-11-02)
- Microsoft Video to be discontinued - Stream new tool (2020-11-02)
Last updated: 2020-11-19