Department of Information Technology

Protect Yourself Against File-Share Phishing

The Department of Information Technology (DoIT) has identified a new phishing campaign targeting the Seton Hall community involving shared files. File-share phishing is one of many tactics employed by cybercriminals to steal sensitive information from unsuspecting users. Victims of this scam receive what appears to be a legitimate Microsoft notification regarding a document that has been shared with them. Subject lines for these shared file emails may vary and could include examples such as:

Document shared with you: "Staff Year End Bonus.docx"
Document shared with you: "History Staff Group.docx"
Document shared with you: "Admin Draft Project.docx"

Often, links in these phishing emails direct users to fraudulent ‘Microsoft’ login pages. Essentially, the purpose of this scam is to trick recipients into entering their login credentials, thereby granting unauthorized access to accounts and personal information. Threat actors utilize this information for fraudulent activities, such as making unauthorized purchases, spreading phishing emails (like this one), distributing malware, and committing identity theft.
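For mail administrators triaging reported messages, the following added example (not DoIT's own tooling) flags a "Document shared with you" notification whose links lead somewhere other than a Microsoft host. The trusted-domain list, the function names and both sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.policy import default
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: hosts treated here as genuine Microsoft sharing/sign-in domains.
TRUSTED_SUFFIXES = ("sharepoint.com", "office.com", "microsoft.com",
                    "microsoftonline.com", "live.com", "1drv.ms")
# Subject prefix used by the campaign described above.
SHARE_SUBJECT = re.compile(r"^\s*Document shared with you:", re.I)

class _Links(HTMLParser):
    """Collect href values from <a> tags (plain-text URLs are not examined)."""
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]

def _trusted(host):
    # Match the registered domain at the END of the host, never a substring.
    host = host.lower().rstrip(".")
    return any(host == s or host.endswith("." + s) for s in TRUSTED_SUFFIXES)

def triage(raw):
    """Return sorted untrusted link hosts in a file-share notice, else []."""
    msg = message_from_string(raw, policy=default)
    if not SHARE_SUBJECT.match(msg["Subject"] or ""):
        return []  # not a file-share notification
    body = msg.get_body(preferencelist=("html", "plain"))
    parser = _Links()
    parser.feed(body.get_content() if body else "")
    hosts = {urlsplit(h).hostname for h in parser.hrefs}
    return sorted(h for h in hosts if h and not _trusted(h))

# Constructed sample: the link host only starts with a Microsoft name.
SUSPICIOUS = (
    'From: "Colleague" <colleague@example.edu>\n'
    'Subject: Document shared with you: "Staff Year End Bonus.docx"\n'
    'MIME-Version: 1.0\n'
    'Content-Type: text/html; charset="utf-8"\n'
    '\n'
    '<a href="https://login.microsoftonline.com.example.net/open">Open</a>\n'
)
# Constructed sample: same message with a SharePoint-hosted link.
LEGIT = SUSPICIOUS.replace("login.microsoftonline.com.example.net",
                           "contoso.sharepoint.com")
```

An empty result only means every link host is on the assumed list; the three questions below still apply to the sender and the file.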

Users might feel inclined to open a shared document out of curiosity, but this action carries risks. Users may be led to seemingly safe pages that actually initiate downloads of malware onto their systems.

How to Identify a File-Share Phishing Attempt:

Before taking any action or opening the shared file link, users should ask themselves three quick questions: 

  1. Is the sender someone I know and trust?
  2. Is this an email/file I was expecting to receive?
  3. Is the shared file something that would normally be shared by the sender?

If the answer to any of these questions is NO, do not click on links or open attachments. 

File-share phishing emails may include up to three names: the sender's name and the names of two other users with whom the document has also been “shared.” When receiving a shared file notification, DoIT urges users to pay close attention to the names of the involved individuals to assess the legitimacy of the notification. In cases where a user is familiar with the sender but unfamiliar with the shared file, it's advisable to verify the legitimacy directly with the sender, either by placing a phone call or sending a new email to confirm their intent to share a file.

As phishing tactics become more sophisticated, users must remain vigilant and educate themselves on the ways to protect their accounts from compromise. Any suspicious email, regardless of the alleged source, should be immediately reported to IT Security for investigation by clicking the “Report Phish” button located in the top navigation of your Outlook account.


For more information, please contact: