We recently sent a message to our clients warning them of an increase in phishing activity. We find it to be so rampant that we wanted to make this information available to the public as well. For help with your business IT and security contact Tabush Group.
Over the past few weeks, we noticed an uptick in ‘phishing’ emails, which appear to be from Microsoft Office 365 or other popular cloud service providers, trying to get recipients to provide their log in credentials or other sensitive information. While we employ many layers of defense from top vendors for email filtering and content security for our clients, the bad guys are hard at work trying to beat the security systems; and sometimes, these things get through.
We want to provide you scenarios that you and your colleagues should be mindful of. Always be suspicious of anything that appears out of the ordinary, including:
- Links or attachments, especially if they were unsolicited or are from unknown senders
- Improperly formatted emails received from known senders. The email will appear to come from someone you know and trust, but the email may not be worded properly or may otherwise seem out of the ordinary
- Warnings of accounts past due, particularly those that ask for you to log in or provide financial information such as credit cards or bank account numbers
- Requests to provide sensitive information or suspicious looking links, URLs, or pages
- Requests for wire transfers. Even if they appear to be from a known sender, we recommend ALWAYS verifying them directly and via phone
This is not the only email threat to beware of. Ransomware, such as CryptoLocker, is still rampant and can disguise itself in ZIP files and Microsoft Word documents that request you click to ‘enable content’ to execute.
While we have implemented many industry-wide security best practices at Tabush Group and for our clients, and continue to improve on them every day, nothing can ever be 100%. As always, the most important step to ensuring your company’s IT security is to practice safe and smart computing. Please ensure that your company’s entire staff takes the time to read this email and be cognizant of the threats that are out there.
Should you have any questions or notice anything suspicious, please call our helpdesk immediately at 212-729-5101.
Here are some recent examples of phishing activities: