![]() They got an email from a known customer, but an unknown employee, saying they need to immediately purchase these stickers. "Are you expecting anything from this person?" Then open the link in Google Chrome to see if Chrome it self gives you a warning that the site you are visiting is unsafe. Try creating a Google email account and use Chrome.forward the email to your new Gmail e if Google automatically put it as spam or gives a warning when you open the email. ![]() I do not think this was a targeted attack but a very old email thread that someone opened using an unprotected machine and his email client got compromised. So the email and the wetransfer link all work fine in chrome and any other browser :( You can send anyone a file and claim to be anyone you want. and there is no check for source email address. ![]() If you have ever used the service, you do not need an account. The actual email - sent from WeTransfer - was genuine, and there was a file waiting for them to download. but then they are the only ones that talk to this company. It felt more targeted than it was because it was just our sales team that received it. because they likely sent it out to all of the persons contacts that they recovered from his account. I guess targeted would be the wrong word. Not sure what you are trying to get me to prove / do here? More training needed, but with attacks constantly evolving there is always going to be a chance that someone is caught again! I have chatted to both users about this, and they both felt that they were lured into entering their details because it looked like it came from someone they knew. I've also emailed the company that "sent" the email - to warn them that their user may have been phished in the past to gain access to his email / contacts. Office 365 logs checked to find no suspicious logins. a few accounts blocked straight away and passwords changed. Logs checked, warning emails sent to those that also received the email. No idea if the page ran as intended, but didn't take that risk. Found some scripts that ran every time a key was pressed calling a php script on the web. I opened up the file in notepad, scanned the code. I typed my username and password in and nothing." was the reply. I opened up a remote session to his laptop - saw the email and the file and asked him "did you open this?" Thankfully I was at my (personal) PC at the time and got on the case. I got an email around 8pm at night - one of the users was trying to open this file but it wasn't working and could I take a look? The file sent was websalesbrochure-file.htmlĢ users decided that they would open the file as they knew the person who sent it. The sender was a person & company that we deal with regularly. In a targeted attack on our sales team, we received an email via WeTransfer with a company's new sales brochure. If you receive questionable or suspicious communications, contact IT Customer Care and allow the University Information Security Office (UISO) to validate the legitimacy of these communication attempts.Had an interesting phishing attack on Friday last week. Please remember that Fordham IT will NEVER ask you for your username and password or ask you to click any links to validate or verify your account or password. If direct contact with the sender is not possible, please contact ITCC for assistance. Do not assume a message from WeTransfer is trustworthy based on the displayed name of the sender. Pay attention to the sender of the email and if something appears suspicious, contact the sender directly to verify the messages legitimacy. Please remain diligent and avoid giving any personally identifiable information through email. Files sent via WeTransfer can be easily crafted to look like they are from legitimate email addresses and even trusted third parties. ![]() These are not legitimate emails and should be reported immediately. However, the file itself instructs the user to go to a phishing site and enter confidential information. The messages contain a file download link from a seemingly legitimate email source. The subject line of these emails contain the words “sent you files via WeTransfer”. Please be advised that there are suspicious emails circulating that are targeting members of the Fordham Community.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |