Malicious email messages have been making the rounds at Western Washington University, according to a recent bulletin from Academic Technology and User Services.
The most common variant of the messages has the subject "electronic" and an attachment that is called "invoice32.zip." Another variant has the subject "2015 Expenses" and an attachment that is called "cOCnVV.zip." The subject line and attachment name may vary.
Users should delete such messages, even if they recognize the sender. If the attachment is opened it may install malware that will send spam from the user's email address. Anyone who has already opened the attachment should contact the Help Desk at 360-650-3333.
The phishing scam alert has also been posted to the Security & System Alerts section on myWestern. For more information about avoiding scams, and to see recent examples of common phishing scams, visit http://helpdesk.wwu.edu and click on the “Phishing” link under the Security section.