An interesting new wrinkle in phishing attacks is in the wild as we speak. A system administrator reported the following on the spiceworks forum:
"I received an email from my attorney this morning regarding what I thought was some paperwork that I needed to sign. I started looking at it and thought man this looks fake and the paralegal doesn't talk like this. I contacted the paralegal and she admitted that someone took the bait so it ended up being sent to all their clients and because they Bcc'd all the recipients the attorney has no idea who all filled it out.
The email at the CLICK HERE contained a hyperlink to a PHP contact form that basically wanted you to authenticate with your Gmail credentials so you could view the document that needed to be signed. Here is how the phishing email body content read:
Hello,
Attached is the document I need you to fill out and forward back to me.
Please carefully go through the simplified conditions stated in page 4 paragraph 2 and let me know if you have any other suggestion as regard this.
Kindly CLICK HERE to view the document and have it signed if it's okay by you.
Thanks
Lesson learned: Do not trust email from a trusted source that is phishy. Check out the 22 Social engineering Red Flags (PDF) before you click on anything !!
