Beware of Subscription Phish

Cybersecurity authorities are warning of an attack group dubbed “Luna Moth” launching a widespread phishing scam with the end goal of getting access to sensitive business information. The emails pretend to be an alert that a subscription will automatically renew (from services such as Zoho, Duolingo, or MasterClass) and to call the number on the email. Because it is likely that the recipient is not actually a user of the named service, the renewal notice is intended to cause anxiety and spur action. Calling the phone number connects the person with the attacker who will then convince them to install a remote access tool. In some cases this attack, when successful, has led to ransomware and corporate data theft. FIT has been able to block some of the known malicious emails from emailing to our domain, but listed below are additional steps you can take to protect yourself at work and at home. 

What can you do to protect yourself?

  • Do not trust unsolicited emails, calls, text messages, or instant messages.
  • Never give control of your computer to a third party unless you can confirm that it is a legitimate representative of a computer support team with whom you are already a customer.
  • Make sure you have a trusted, up-to-date, and active antivirus software installed on your home computer. Learn more here.
  • Remember the Four Don’ts:  
    • Don’t assume that emails are benign. Instead, assume they might be harmful and let them earn your trust.
    • Don’t open emails from unknown sources or if the email doesn’t make sense.
    • Don’t download files or programs unless you are 100% sure you trust the source.
    • Don’t provide personal information in response to an email unless you are 100% sure you have verified the source.

About Cybersafe

The Division of Information Technology is dedicated to informing the community of the latest cybersecurity threats. Visit and stay tuned for emails from [email protected] for the latest from the Cybersafe campaign at FIT.

Be aware—and be cybersafe