ITaP Security and Policy warns the Purdue community that the University has been specifically targeted by spear phishing attacks involving malicious PDF attachments. The attacker's attempt to trick users into opening an infected PDF in order to compromise a system. These compromised systems are then used as launching pads to perform further compromises of Purdue computer systems and network reconnaissance.
ITaP Security and Policy recommends that users do not open e-mail attachments that the user is not expecting. Potential malicious attachments may be titled:
If you have received or opened any unusual or un-trusted attachments, named similar to the files listed above, contact ITaP Security and Policy immediately.
Report computer incidents to Purdue: http://www.purdue.edu/securePurdue/incidentReportForm.cfm
For questions concerning this advisory, please send email to: firstname.lastname@example.org.
Posted by Curt Jansen on June 13, 2012, in Secure Purdue News.