your passport to all things web
Phishing Attack ALERT
Several staff members have received convincing Emails this morning that look legitimate, but are actual malware. In all cases, the email indicated a document was attached, but the document went to a URL instead of a .doc file. One of them came from a legitimate contact, so it is very likely that one or more entities that we deal with have been hacked and/or are compromised. That means that simply knowing who the document came from DOES NOT mean it is safe to open. Additional scrutiny is required.
The various Emails, received today, are all different and have no relation to each other so this is not a targeted attack, but most likely, a new scam or virus that people are getting infected with. This would also mean that there could be an uptick in these bogus messages as more of our vendors and members become infected.
If you hover over a link or an attachment, it should make sense. For instance, if the Email says there is a document attached, but the attachment is contract.doc.html, that is NOT a .doc file. The final extension is .html and that can, and most likely will, open a website that will compromise your computer. Further, if a link indicates http://hershey.com but when you hover over it, the link that pops up in the information box is http://786567.htm, that is a red flag. The link display and the link when you hover over it, should look the same.
If you have any doubts, please forward the Email to firstname.lastname@example.org and wait for a response before clicking on any link or opening an attachment.
Thanks and stay safe!