Phishing E-mail Example

Hi Everyone,

This is an excellent example of a phishing e-mail (see below). An e-mail drafted to look and sound legitimate with attachments that contain malware, or hyperlinks that open to infected web pages. This particular phishing attempt had an attachment (which has been removed).

We can’t stress enough to never, ever open any attachment or follow any link from an email – no matter how legitimate it looks. Yes it’s inconvenient, but that is the digital world we live in today.

Malware today will encrypt your data and hold it ransom, along with the rest of the network’s data:

•    Hospital declares ‘internal state of emergency’ after ransomeware infection.
•    LA Hospital pays nearly $17,000 to restore data.

Many of us use multiple layers of protection:

  1. local antivirus
  2. SPAM firewall (all free e-mail services use these),
  3. DNS filtering i.e., Kibosh Filtering Service

But these tools, or any other, can only block what they know about. There are plenty of exploits unknown by any security vendor.

So when in doubt – throw it out!

Kibosh

—-PHISHING EXAMPLE—–
—–Original Message—–
From: Tia Fleming [mailto:FlemingTia78752@ecolboxmoveis.com.br]
Sent: Tuesday, March 29, 2016 7:22 AM
To: Doe, John <john.doe@somedomain.com>
Subject: Requested receipt ID:8E767D

Dear doe, John

Please find attached your receipt, sent as requested.

We are making improvements to our billing systems to help serve you better and because of that the attached invoice will look different from your previous ones.

Kind regards,
Tia Fleming
Divisional Managing Director