A member of the SpiceWorks IT forums reported he had received a new type of hybrid attack: first a phone call to his desk, followed up with a phishing email laced with malware, promoting IBM products. Here is how the email looks:
Hovering over the links clearly showed it was dodgy to say the least.
Now, this was in Europe, but like I have mentioned here regularly, that area is very often used as beta test territory and once they have perfected the phishing attack, it gets unleashed on the U.S.
So consider this a heads-up. Receiving a phone call from a vendor, followed up by an email might lower your defenses and you might be a bit less skeptical before you click on a link. Don't fall for it. Always hover over that link before you click!
System Admins are people with a target on their back because they have admin creds and could inadvertently hand over full network access to attackers. Let's stay safe out there.
Free Domain Spoof Test
Can hackers spoof an email address of your own domain?
Are you aware that one of the first things hackers try is to see if they can spoof the email address of your CEO? If they are able to commit "CEO Fraud", penetrating your network is like taking candy from a baby.
Would you like to know if hackers can spoof your domain? KnowBe4 can help you find out if this is the case with our free Domain Spoof Test. It's quick, easy and often a shocking discovery. Find out now if your email server is configured correctly, many are not!
