It has come to our attention from another institution that someone is attempting a new phishing attack. A small number of people at multiple sites are getting physical mail, not email, indicating a possible security issue they should be aware of. Details are supposedly included on an enclosed DVD. Individuals targeted range from upper management to researcher/student assistant. Nobody is safe.
The DVD contains an executable you are supposed to run that contains the details. In reality it contains a Trojan horse that snaps a screenshot every few seconds and uploads it to a remote command/control site. The malware runs as the user, and isn't picked up by antivirus.
If you receive such a package, please contact with the Information Security Office, email@example.com, or 988-8500, as soon as possible. DO NOT insert the DVD into your system.
Technology Services, Tulane University, New Orleans, LA 70118 -- TSNOC: 504-862-8888 -- firstname.lastname@example.org