True Phishing Confessions From A Compromised Company. This One Has A Twist At The End



"The email you hope you never have to send to clients/customers"

OK, so here is another horror story that you hope you can prevent from happening to your own organization. This is an email that we received from a system admin who sent it to all their business partners (the names are changed to protect the innocent).

There is a nasty twist at the end: the paragraph about the sender getting listed as a spammer. It describes an additional cause of business disruption, when suddenly your own business emails no longer make it to your customers. Here goes, read and shiver.

From: Jonas <Jonas@******.com>
Subject: Email Phishing Scam - Please Read
To: notifysecurity@******.com <notifysecurity@******.com>
 
Good afternoon,
 
Sometime around 11:30 AM on Wednesday, November 28th, one of our email accounts fell victim to a phishing email scam. (Yes, six days ago). The attack tricks the user into entering their email login and password into an official looking Microsoft OneDrive website by sending a fairly authentic-looking document on the company letterhead.
 
A company we deal with fell victim to it, and one of our staff thought the document was legitimate. Unfortunately, the company never let anyone know they had been affected. After being tricked ourselves, the scammer repeated the trick with our contacts as well. Anyone the user had ever received an email from or had ever sent an email to was either emailed directly or copied via bcc.
 
If you opened the PDF email itself, there should be no harm, there was no virus payload in the file itself. If you clicked the link in the email and entered your Microsoft account login, or your email login, we suggest you change your email password immediately.
 
In our case, the scammers took almost a week and spent the time to create a very genuine-looking email that would appear as legitimate as possible to those that received it. The attack was caught within the first hour and stopped within another hour with the help of our outsourced IT department. This was a phishing attack, not a virus attack, so there are no infections or fears of viruses to worry about, but as far as email hacks go, this one was fairly sophisticated.
 
We have been trying for the past six days to send this email notifying any valid-appearing email recipients about the issue because we thought a prompt response would help others not fall victim to the same attack. Unfortunately, the spammers succeeded in getting our email address listed as a spammer, and it's taken this long to undo that action and regain the ability to send and receive email. The good news is that this limited the reach of the spam itself, severely limiting the effect. The bad news is, it also prevented us from being able to email anyone and let them know about it until today.
 
We sincerely apologize for any inconvenience this has caused. If you require further assistance or have questions, our IT team has offered to make themselves available to answer any questions and will offer any assistance they can.
 
You can reach them via email at support@**************.com, or by phone at 888-xxx-xxxx. Please let us know if you have any questions. We apologize again for any inconvenience.
 
Best Regards, Jonas 
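The twist in Jonas's email is the blocklisting: once the compromised mailbox had blasted phishing at every contact, the sending address and, in practice, the sending IP ended up on spam blocklists, and the notification itself could not get out for six days. The first thing a practitioner wants after containing an incident like this is a quick way to check whether their outbound mail IP is sitting on a DNS blocklist (DNSBL). The helper below is an added example written for this article; it is not code from the original post or from the company involved. It implements the standard DNSBL lookup convention (reverse the IPv4 octets, prepend them to the list's zone, and treat an answer in 127.0.0.0/8 as a listing). The zone names are illustrative choices, the resolver is injectable so the block runs offline with a constructed answer table, and the 203.0.113.5 address is a documentation address, not a real listing.

```python
"""Check an outbound mail IP against DNS blocklists (DNSBLs).

Added example for this article, not the original sender's tooling.
Assumptions: IPv4 only; the zone list below is illustrative and should be
replaced by the lists your mail team actually monitors; a real run needs
DNS access, the demo at the bottom uses a constructed answer table.
"""
import ipaddress
import socket
from typing import Callable, Dict, List, Optional

# Illustrative zones (assumption). Read each list's terms before automating queries.
DNSBL_ZONES: List[str] = ["zen.spamhaus.org", "bl.spamcop.net"]

# A resolver maps a DNS name to its A record, or None for NXDOMAIN / no answer.
Resolver = Callable[[str], Optional[str]]


def reverse_ipv4(ip: str) -> str:
    """Return the octets of an IPv4 address in reverse order, as DNSBLs expect."""
    addr = ipaddress.IPv4Address(ip)  # raises ValueError on malformed input
    return ".".join(reversed(str(addr).split(".")))


def dnsbl_query_name(ip: str, zone: str) -> str:
    """Build the lookup name: reversed IP prepended to the blocklist zone."""
    return f"{reverse_ipv4(ip)}.{zone}"


def default_resolver(name: str) -> Optional[str]:
    """Resolve with the system stub resolver; None means not listed (NXDOMAIN)."""
    try:
        return socket.gethostbyname(name)
    except socket.gaierror:
        return None


def interpret(zone: str, answer: Optional[str]) -> str:
    """Turn a raw DNSBL answer into a verdict string."""
    if answer is None:
        return "not listed"
    a = ipaddress.IPv4Address(answer)
    # Spamhaus reserves 127.255.255.0/24 for error codes (e.g. querying through
    # an open/public resolver), which must not be read as a listing.
    if zone.endswith("spamhaus.org") and a in ipaddress.IPv4Network("127.255.255.0/24"):
        return f"query error ({answer})"
    if a in ipaddress.IPv4Network("127.0.0.0/8"):
        return f"listed ({answer})"
    # Anything outside loopback space is not a DNSBL verdict at all: a wildcard
    # DNS answer, a captive portal or a hijacked resolver. Do not trust it.
    return f"unexpected answer {answer}: possible DNS wildcard or hijack"


def check_ip(ip: str, zones: List[str] = DNSBL_ZONES,
             resolve: Resolver = default_resolver) -> Dict[str, str]:
    """Query every zone for the given IP and return a zone -> verdict mapping."""
    return {zone: interpret(zone, resolve(dnsbl_query_name(ip, zone))) for zone in zones}


def is_listed(results: Dict[str, str]) -> bool:
    """True if at least one zone reports a genuine listing."""
    return any(verdict.startswith("listed") for verdict in results.values())


if __name__ == "__main__":
    # Constructed answer table standing in for live DNS, so the demo runs offline.
    fake_dns = {"5.113.0.203.zen.spamhaus.org": "127.0.0.2"}
    report = check_ip("203.0.113.5", resolve=fake_dns.get)
    for zone, verdict in report.items():
        print(f"{zone:24s} {verdict}")
    print("action needed:", is_listed(report))
```

Run it against your real outbound IP by dropping the `resolve=` argument, and query from your own recursive resolver rather than a public one, since several lists refuse or throttle queries arriving via open resolvers. A listing of the sending domain itself (as opposed to the IP) is a separate kind of check against domain blocklists and is not covered here; nor is the other half of the remediation Jonas's team had to do, which is the delisting request with each list operator.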

Topics: Phishing
