Don't get caught in the Phish Net!

(Uploaded: 2019-11-21 14:57:16 -- Author: Bill Palisano)

So good, I almost fell for it!

Wow, I received a malicious email last week from a friend. But he didn’t send it. He didn’t even know about it. But it came from him… kinda.

Checking emails last week, I saw one from a friend (who is also a client). We do work for his company. In Outlook you can preview emails without opening them. As I previewed his email, it didn’t make sense. He was sending me an insurance regulation update, and in the body of the email… ‘click here’ to receive the update. In my security-minded brain, it said ‘payload’ all over it. I didn’t open it, nor did I click. It looked like, and was, a legit email from him. I checked the source. But it didn’t make sense…

Instead, I texted him and asked: did you send me an email? “NO” was the instant response. I took a screenshot of his email and sent it back, advising: “Show this to your IT/IT security company immediately; your email account has been compromised! It’s sending malicious email.” A minute later he responded: “On it.” We don’t do this segment of his security (at the moment).

On my end, we isolated the email, sandboxed it and detonated it. We watched as it attempted to take us somewhere else: a bad place where bad people would do bad things to my company’s systems. We learned from it.

The moral of this story is this: BE AWARE! In this case, we currently have cutting-edge email security protecting my operation, and I have been trained on what to look for in suspicious, possibly malicious emails. But this email came from a known entity (a client we email with regularly) and a personal friend (I also email with him). It got past security (there was no payload attached to the email, only a clickable link) and I ‘almost’ opened it. It was that good. If you get an email (even from a client/friend/associate, etc.) that doesn’t make sense, DO NOT OPEN IT! Verify it first (call or text the sender).

Good email security will stop emails with payloads attached or embedded. That’ll protect you from 98% of the threats. Email security is a must. Good email awareness training of team members will protect you from this type of attack, where the only payload is a link. Train your people. System backups are the final line of defense when all else fails. Check, double check and test your backups. Do test restores. Data security is like an onion: several layers. Make sure you have more than one or two layers, because the bad guys are smart, too.
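The case described above (a message that genuinely comes from a known sender’s account, carries no attachment, and relies on a ‘click here’ link) is exactly what attachment-focused filtering misses, so a link-focused check is a useful extra layer. The block below is an added example, not code from the original post; the trusted-domain allow-list, lure phrases, sample message and URLs are all constructed for it.

```python
import email
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed allow-list and lure phrases (assumptions for this example, not from the post)
TRUSTED_DOMAINS = {"example-client.test"}
LURE_WORDS = ("click here", "receive update")
# Constructed sample message modelled on the one described in the post
SAMPLE = """From: Friend <friend@example-client.test>
Subject: Insurance regulation update
Content-Type: text/html; charset=us-ascii

<html><body><p>Please <a href="http://update-portal.invalid/doc">click here</a> to receive the update.</p></body></html>
"""


class _LinkCollector(HTMLParser):
    # Collect (href, lower-cased anchor text) pairs from an HTML body
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip().lower()))
            self._href = None


def suspicious_links(raw_message):
    # Return lure links that point off a trusted sender's own domain; [] for untrusted senders
    msg = email.message_from_string(raw_message)
    sender_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    if sender_domain not in TRUSTED_DOMAINS:
        return []  # untrusted senders are left to the regular mail filter
    part = next((p for p in msg.walk() if p.get_content_type() == "text/html"), None)
    body = part.get_payload(decode=True).decode(part.get_content_charset() or "utf-8", "replace") if part else ""
    collector = _LinkCollector()
    collector.feed(body)
    hits = []
    for href, text in collector.links:
        host = (urlparse(href).hostname or "").lower()
        off_domain = host != sender_domain and not host.endswith("." + sender_domain)
        if off_domain and any(word in text for word in LURE_WORDS):
            hits.append(href)  # trusted sender, but the lure link leaves their domain
    return hits
```

A hit means the message deserves the out-of-band check the post recommends (call or text the sender) before anyone clicks; it is not proof of compromise on its own.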
