Phishing

Follow

 

 

 

 

 WiseUp_Graphic.png

Those naughty hackers are getting clever.  Recently, the sharp eyes at the helpdesk were made aware of an attempt to steal employee login information:

 

 

From: service_noreply. <acont.nor3ply@dsfgdghytututuytdf6gvwz0sjsdjj08wjb8h.cappers.scot>
Sent: Thursday, 26 April 2018 5:24 AM
To: Employees actual name <First.Last@workwise.org.nz>
Subject: (5) incoming messages returned to sender

 

At 09:32 AM, your mailbox YourName@wisegroup.co.nz failed to sync and returned (5) incoming mails.

Syncing failed to go through due to invalidation of your mailbox within the past 15 days.

Recover Messages

2018 365 Message Center

 

 

Hmmm…what doesn’t seem right here?  If you hover over the “Recover Messages” link, you can see it wants to take us to

 phish1.png

 

See that “.in”?  That wants to take us to a site hosted in INDIA!  That can’t be right..

Another clue in this email is the sender. 

 

acont.nor3ply@dsfgdghytututuytdf6gvwz0sjsdjj08wjb8h.cappers.scot

 

So somebody from a Scotland (.scot) domain wants us to got to their site hosted in India…  Can I get a yeah right?

 

The last clue, if you missed the first two, was where it actually goes for those that dare to click the link.  It’s been setup to look like a Microsoft login page.  Sneaky!

 

 Phish2.png

However, before putting your work password in, check that it’s a work site.  Here’s a handy tip.  The only place to put your password in online will be a WiseGroup branded site.  See?

 

 Phish3.png

AND, you will never be prompted to put in your password from an email link.  Not from IT, not from your bank, not from any shopping website.  The more you know!

 

The IS team   |   ph 07 857 1226   |   email is_support@wisegroup.co.nz

 

0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.