This month, we became aware that several universities have been targeted by spearphishing emails with serious malware. These emails use targeted language, come from compromised internal accounts, spoof (appear to be from) another internal account, and copy real email signatures. These tactics are used to make the emails look more legitimate. The emails include an .html or .dat attachment, which leads to an attempt to encrypt machines with Clop ransomware.
More information about these phishing emails, including example screenshots can be found here: https://www.hornetsecurity.com/en/security-information/clop-clop-ta505-html-malspam-analysis/, such as this example:
Please report phishing emails using the Report Phishing button or by emailing it as an attachment to the Computer Help Desk.