Dear Members of Koç University Community,
Many institutions in Turkey are under a new cyber attack currently. Even though precautionary measures are taken by IT, the cyber attack is very hard to be detected by End-Point Security Applications. Therefore, we kindly ask you to consider the information below.
This new phishing attack, named Totrix Group, sends e-mails containing infected Microsoft Word files or URL’s to download them, aiming to steal the internal user information.
The steps of the attack is shown below;
- The infected Word file pops up a SSL certificate warning message when opened.
- If you accept the certificate, a new window asks for your user name and password. Please do not enter any information here!
- If you enter your user name and password, the Word file is opened and your login information is collected in the attacker’s server.
- Finally, the attacker uses the collected information to access devices and systems.
If a Word file, received by e-mail or downloaded on the Internet, asks for similar actions, the file must be closed and deleted immediately.