Yesterday we had a client receive an email claiming to be from administrator@TheirCompanyName.com asking them to follow a link to receive an encrypted email. None of our clients would be getting such a message from an account named as such. This was malware designed to convince the user receiving it that the message was legitimate and from an internal account.
Should you receive a similar message you should delete the message immediately. IN addition to coming from the account “Administrator” it may also arrive with the name of a legitimate user on your network.
**********Important – Internal ONLY********** File Validity: 10/04/2015 Company : “YourCompanyName.com” File Format: Adobe Reader Legal Copyright: Adobe Corporation. Please follow this link :https://YourCompanyName.com/file/internal/encruptedmessage” ********** Confidentiality Notice **********. This e-mail and any file(s) transmitted with it, is intended for the exclusive use by the person(s) mentioned above as recipient(s). This e-mail may contain confidential information and/or information protected by intellectual property rights or other rights. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying, or action taken in relation to the contents of and attachments to this e-mail is strictly prohibited and may be unlawful. If you have received this e-mail in error, please notify the sender and delete the original and any copies of this e-mail and any printouts immediately from your system and destroy all copies of it.
A post on the Cisco Managed Threat Defense blog reports Emails that purport to come from the Microsoft Volume Licensing Service Center are circulating
This email will have a custom subject line and will look very similar to a real email from Microsoft. Clients should be very careful when receiving any VLSC emails while this is circulating.
Last week Anthem Inc. warned that a breach of its network exposed the personal information of as many as 80 million people. This week they have posted a bulliten warning that scammers are sending phishing e-mailsto people whos onformation was stolen.
How to protect yourself against phishing:
- Be wary of emails asking for confidential information – especially information of a financial nature. Legitimate organizations will never request sensitive information via email
- Watch out for generic-looking requests for information. Fraudulent emails are often not personalised, while authentic emails from your bank often reference an account you have with them. Many phishing emails begin with “Dear Sir/Madam”, and some come from a bank with which you don’t even have an account.
While we have not had any clients reporting emails mentioning Ebola, Symantec is reporting Malware and phishing campaigns reaching customers. It is only a matter of time until these attacks spread to most mail systems.
Phishing is the attempt to acquire information such as usernames and password by masquerading as a trustworthy entity in an email or popup. Communications purporting to be from popular social web sites, auction sites, banks, online payment processors or IT administrators are commonly used to lure unsuspecting public