…something that looked like this:
This type of message had landed in a handful of staff at a company that had called us for help. Unfortunately for the individuals that clicked on one of the links, their woes were just about to start.
The above “phishing” message had been crafted to make it look as though there were messages waiting for them that they needed to be released. The user was even convinced of the “authenticity” because of the message being identified as being sent from a trusted source. However, there are a couple of obvious items that should have raised suspicion; grammar, tonality and message about it not being an email but… was…
The individual had put in a lot of effort as the links went through to a functioning web application that suggested it was releasing messages waiting for the user. Sadly, they had been tricked into letting the scammer create an auto-forwarding rule in their mailbox without them realising. From the moment this happened the scammer was now receiving a copy of each and every message that was sent to the individual.
What type of information do you receive in your business and what impact this would have if it happened to you?
I am not going to go into the reasons why they shouldn’t have clicked on this particular message but more about highlighting the impact of clicking this type of message. Untargeted, mass emails sent to many people asking for sensitive information (such as bank details) or encouraging them to visit a fake website.... emails are getting more and more sophisticated and all it takes is a simple lack of judgement and your business could be impacted.
Simple steps you can take
- Educate users on not clicking something that looks suspicious – you may need to highlight how you may communicate inside your business to help them understand the difference.
- Put into place additional levels of protection (such as CyberGuard) on the desktop to help identify messages of this nature
- If you use Office 365 then deploy additional layers of protection in the Security and Compliance Centre
I use Office 365. I am safe, right?
This is not a straightforward answer. It really depends on your business and what you are doing. What I can say is that you should apply and enable some of the features that are built into the The basic hardware (device) and software (operating system) on which applications can be run..... Office 365 provides you with the tools to protect yourself but they do need to be configured. You should absolutely enable and configure:
Based on the issue this customer had, we would also recommend disabling the forwarding capability to stop auto-forwarding of messages:
These are just some of the basic steps you need to take.
If you need help or advice on how you can protect yourself against attacks like this then please get in contact. In the meantime, be careful what you click on.