Recently I was working on my system when an email alert from Outlook showed up in the corner of my screen. I opened the message and almost didn’t realize I was in danger of becoming a victim of phishing malware. Normally, I am very aware of suspect emails. However, this day made me realize we are all human. I had my mind focused on the project at hand, and the distraction of an email from a client caught me off guard. The message one of our clients sent was as follows (I removed the personal details):
Subject: Quote Update
**(name removed) shared the below PDF with you on Google Drive Secure**
Doc00UpdatedQuote83838PDF (hyperlinked to bit.ly URL)
At the bottom of the email, there was the full email signature of the client, logo and everything.
Would you catch the signs of a phishing email? In the back of my mind, something didn’t feel right about clicking the document link. The email looked very legitimate. Still, I decided to check its validity. I sent a quick reply to the client: “Hi, This looked suspicious. What is it?” When he replied he had “no idea”, I knew it was a phishing attack. Most likely, his system had been compromised and malware was using his email program to send an attack to all the people in his contact list. When someone unsuspecting clicks on the bit.ly link for the quote PDF, it would take them to a “poisoned” website that generally attempts to use a known browser exploit to infect their system.
Minutes later, I received some instant messages from co-workers asking if the quote was for something someone else was doing with the client. That confirmed it was a mass email message. Fortunately, our staff is trained to be aware of strange emails, even when they look legitimate.
This reminded me that people are your front line of attack/defense in this cyber war. The phishing messages are getting very hard to differentiate from real messages. I recommend you share this lesson with all your co-workers to help them be aware and “think before you click” (on any link). Proper user training and education is the key. The downside could be lost data, lost hours of productivity recovering your system, or worse. All it takes is one user inadvertently getting tricked by an email when they are trying to figure out what it is. Please share/use this experience as a learning lesson and prevent your company from becoming a victim.