Convincing Email Scam

by tnolen
/
Comment Closed

December 7, 2018 – We’ve received a new email scam which is going out with our company name and at least one staff member mentioned.  This scam seems to be linking to a virus-carrying spreadsheet, but there may be other versions.  It seems to have been relayed through a compromised email account.  The password on the account has been locked down, but users need to be aware that some of these legitimate looking emails did leave the system.  Below is an example of one:

–BEGIN

           Alert abuse – Spam you host!

 Dear Admin domain,

  You are receiving this message because you are listed as the contactfor the networks below.This message is intended for the person responsible for computersecurity at your site. If this is not the correct address, pleaseforward this message to the appropriate party.

   Our logs show that malicious attempts were made from your networkagainst machines in our domain. This is definitely not an authorizedrequest and we view it as an attempt to probe our network for avulnerability.Either your machine has been compromised and is now being used tolaunch hostile activity, or a legitimate user is engaged in activitythat is probably in violation of your terms of service agreement. Ineither case, please investigate this matter.

   At the bottom of this message we have attached parts of our logs inorder to help you track down the perpetrator (All times are GMT-0000).

We would appreciate a reply that this note has been received.

 Stop spam – on our servers, our admins fix the attack from your domain details in our report .

Thank you,

Regards,
Trey Nolen
Senior Network Administrator

 

–END

 

At the bottom of the message is a link to the “Abuse Report” which is actually a document containing a virus.   If you see one of these messages, please delete and ignore it.

Thank you.