AgriLife Information Technology

Ukrainian-related Phishing and Russian-based Attacks

There has been a noticeable uptick in phishing emails exploiting the sentiment surrounding the events in Ukraine.

In the first week of March, there were over 600 quarantined phishing emails referencing Ukraine.

Most of these emails advertised t-shirts and stickers to support the cause, or shared misinformation articles to trick recipients into clicking on malicious links. The links in these quarantined emails redirected to malicious temporary websites that either:

  • tried to surreptitiously gather user credentials
  • dropped malware onto the device

Looking Ahead

Intelligence agencies have warned of the potential for widespread cyber attacks from Russian-based attackers.

These attackers could use various techniques such as:

  • exploiting outdated software
  • deploying ransomware
  • sophisticated phishing emails targeting users to get the initial foothold into organizations

Other malicious parties may also seek to use the conflict as a smokescreen to conduct their own campaigns.

What You Can Do

You can ensure that you are not an easy target for these attacks by taking some of the following precautions:

  1. Enable Multi-Factor Authentication (MFA) on all your accounts
  • Even on your personal accounts where possible
  • This makes things more difficult for attackers even if they do crack your password
  • Do not reflexively accept an MFA push request on your device
  • Take a second to verify that it is showing the correct location information

2. Ensure that your devices are running an Anti-Malware or Anti-Virus solution

  • Make sure your Anti-Malware or Anti-Virus solutions are functional and up to date

3. Make sure the software on all of your devices is updated

  • This includes personal and/or home devices
  • If your devices no longer receive updates, it may be time to consider replacing them

4. Keep a reliable backup of any important data

5. Be wary of certain emails

  • Pay attention to emails sent right before the end of the day, espcially on Friday afternoons or before holidays
  • Attackers will frequently distrbute phishing emails during times when they know they will get more clicks

The most common phishing email is still the fake Microsoft login page- always check the address in your web browser before entering your credentials

Report Suspicious Emails

If you believe an email is suspicious, please report it using the method below, or reach out to your AgriLife IT team to confirm.

You can report phishing emails 24/7 from Outlook. This will add the sender’s email address to your blocked senders’ list.

This process takes 2 steps and roughly 30 seconds:

  1. Click on the Report Message button in the Home tab of your Outlook ribbon
  2. Specify whether the email is Junk or Phishing
  3. Click on Report