Published on Sun 17 Mar 2019
- Are you expecting this email?
- Have you dealt with this person/company before?
- Do you feel unsure about this email?
A targeted attack could make use of available information to make the email/invoice appear to be from a legitimate supplier, using their branding, display name and a similar looking email address. An attacker can find information from published lists, portfolios & case studies, reconnaissance via phone or email enquires, or based off of another attack where data was extracted.
What Happens If You Click The Link?
You are directed to a sign in page to access the document which is a fake login screen designed to steal your credentials and use them to access your systems & accounts.
What About Attachments & Downloads?
An attachment such as a PDF or Word document can contain bad code which runs when you open the document and can infect your computer with malware to steal information, ransom your files or spread itself to others while awaiting further commands.
What to do if you Get an Email That is Suspicious?
If the email looks real but you have doubts contact them via a known phone number or contact us for a sense check at firstname.lastname@example.org or call 01452 491080