Incident: Our Email Was Spoofed
Today (02-June-2020) at 13:53 we detected that a 3rd party has spoofed our firstname.lastname@example.org email address as part of their phishing campaign. It is important to note that we were not hacked and none of our data has been compromised.
What Is Email Spoofing
Email spoofing is where someone pretends to be from your email address. They do not require access to your account to do this.
When an email is sent the senders name is attached and this can be forged with relative ease.
Unfortunately there is very little we can do to prevent this other than reporting the phishing sites to their respective web-host’s. This is because we have not been hacked or compromised in any way.
What To Look Out For
Emails coming from email@example.com with a subject related to a “protected Recording”, for example:
Newheights.co.uk: This is a protected Recording!
The emails themselves only contain a png images titled “footer.png”. This is in the email body to look as if it has come from Office 365 (see image below).
The image in the email body invites the recipient to open the attached “voice-message”. The attachment is a html file, which is not an audio format.
The file name changes depending on the recipient but the format remains the same and will look similar to this:
It is important that you do not click on this file.
The page will look similar to the Microsoft account login page but none of the hyperlinks work:
We have reported the phishing domains to their respective web-host’s and they will hopefully be taken down soon.
We would like to reiterate that we have not been hacked and that this was only someone spoofing our email address.
Google has a really helpful article on safe browsing that we recommend, which goes into greater detail on some of the various kinds of phishing that exist.
If you have any questions please contact us.