Fake Emails - Please continue to be vigilant
A week or 3 ago I sent a warning to our clients to be aware of fake emails that contain malicious links.
Yesterday we saw a new outbreak of basically the same thing, it appeared to be a copy of the last attack which is targeting users who have Office 365 accounts or Gmail accounts and send them to a fake portal where user details are requested. By entering your details you then inadvertently give the attackers access to your email and all the history it contains including all those sensitive pieces of information that you likely have stored there.
A good way to help identify a fake email from a legitimate email is to hover your mouse cursor over the link that it requests you to click on.
Something like the pic below: (excuse the poor artwork..)
You can see I have hovered the mouse over the “recover messages” link which is what they want you to click. Dotarg.com…. what is that? That is the key question you should be asking yourself.. I’ve never heard of Dotarg is likely the next thought process. Well if that is the case then talk to your IT support, or your email host, or a colleague and talk it through before you follow the link as the wrong decision at that time could be enough to not only compromise your security but that of your entire workplace or customer list. When you think about that you can see why I'm urging caution.
The other thing to note is the sending email address. Like Dotarg.com, have you heard of Peter-Pimow or T-online? Probably not is the answer and if the answer is probably not to Peter + T-online and Dotarg then you can probably save your self a call to IT and just delete and ignore. If the issue is real or any action is required a follow up will likely be sent you your attention.
That’s all for today, I felt it was worth a reminder as this, in my opinion, is the most pertinent threat to your online security at this very moment.