As of 9:30am on Tuesday, April 21st, Spitzer Technology Consulting has already received nearly a dozen reports from multiple clients of a well-designed scam attempt, similar across all organizations. Our news sources are telling us these scams are affecting businesses worldwide. We wanted to warn all our other clients and community members immediately, so that no one falls prey to this phishing attack.
Here are a few examples of what we have seen so far:
The emails are spoofed to appear to come from your domain. It can look like it is coming from a boss, a coworker, or even from your own account, sent back to you (see the “note to self” example).
The goal of these attempts is to gain access to your secure account by obtaining your password. They might say something along the lines of asking you to “reset” or “reverify” your password. They might ask you to sign in to “clear your cache” to address a storage issue.
Whatever the verbiage, do not be fooled. DO NOT FOLLOW THE LINK. DO NOT INPUT YOUR PASSWORD. If you have already done so, please call SpitzerTech immediately so we can lock down your account and prevent the hackers from accessing more of your organization.
So far, we have only seen these emails coming to folks using Outlook and Microsoft 365, but that doesn’t mean it won’t begin to infiltrate other email providers. We are asking all of our clients to be on alert in the coming days.
Anytime you receive an email asking you to re-supply confidential information, such as your password, your financial data, or your identification, it pays to double-check. You can forward anything suspicious to us (gold stars ⭐⭐⭐ to the folks who did just that this morning!), and we are always happy to look into it. That is what we’re here for!
Recent Comments