Yesterday a staff member received a very legitimate looking email, from someone he knew, saying there had been a document shared with him, and that he would need to sign in to see it. This is of course a very clever attempt at trying to gain persons email login information.
The email shown above looks very legitimate, but don’t be fooled.
Things to watch out for:
- emails that ask you to reply with your username/email and password
- emails with links to fake login or password reset pages
- emails with links to view or download a file from someone you don’t know
- emails that mention a current event, entice you with a prize or deal that is too good to be true, or pretend that there’s an urgent reason for you to respond or click on a link
- links on social network posts or comments that lead to fake login or password reset pages
- targeted attacks that appear like they’re from someone you know or includes personal information to get you to respond or click on a link
This blog article looks at in further detail.