Dear Members of Koç University Community,

Many institutions in Turkey are under a new cyber attack currently. Even though precautionary measures are taken by IT, the cyber attack is very hard to be detected by End-Point Security Applications. Therefore, we kindly ask you to consider the information below.

This new phishing attack, named Totrix Group, sends e-mails containing infected Microsoft Word files or URL’s to download them, aiming to steal the internal user information.

The steps of the attack is shown below;

  • The infected Word file pops up a SSL certificate warning message when opened.

  • If you accept the certificate, a new window asks for your user name and password. Please do not enter any information here!

  • If you enter your user name and password, the Word file is opened and your login information is collected in the attacker’s server.

  • Finally, the attacker uses the collected information to access devices and systems.

If a Word file, received by e-mail or downloaded on the Internet, asks for similar actions, the file must be closed and deleted immediately.

Best Regards
Information Technology
For questions and help:
Ticket: https://it-trackit.ku.edu.tr
Email: it@ku.edu.tr
Phone: 1111
Service Desk Location:Student Center -1. Floor, Next to Post Office