Spear Phishing again… Seagate current victim.
Phished
I am not presenting this news to nock the company mentioned, what it does help my readers understand is that it can happen to anyone. Even organizations that you would expect to be tech savy have fallen to these attacks. Seagate employees received and email that was supposedly generated by an internal employee. This email only took one employee to bite just like a fish to the baited hook. After that it is history they responded and sent the information to the would be employee who was really not.
The employee just did what most of us would do responded with the information requested by a fellow employee. I have seen many emails like these and I have fallen victim too. Maybe not to this level but still the point we often do things mechanically, respon, click links, view videos etc. If we don’t think before we leap we can all end up making these types of mistakes. I use these real world examples to remind people that these things go on all the time. Additionally we give more of our personal information away than we can possible imagine.
Fore more information on the Seagate store check out the article at Business Insider by James Cook, “Another big tech company has fallen victim to the email scam that tricked SnapChat“.
Give Away!
Why do we protect our information tightly when we are talking to someone face to face, but when its in the form of a link we just go and give it.
Consider some of these things we do?
- Click on links in spam or junk mail
- Assume all email is from a person we know how often do you question if the source is legit.
- We assume the person is someone we know because they know something about us.
- Complete contest forms that come in email even if we aren’t sure of the source.
- Don’t verify websites
- Accept orders from email and accept the credit cards emailed to us.
- Allow programs to have information via links in Social Media like LinkedIn, Facebook etc.
The last one is a real winner if you are a Social Media user you have probably clicked on a link for a tool like Birthdays, Pokes, Sweepstakes, and many more. As you do this you get a warning that some of your information is going to be shared with the 3rd party company. Do you stop or continue…. Well if you continue you may be giving up all of you email contacts to the company which would allow them to create email saying “He Bill you might like to ….. because your friend Tom uses our software”. Or post may even be spoofed to look like it was created by you. Oddly as stated earlier we trust people we are talking directly to less than the invisible person at the other side of emails, and social media.
Just be careful and think about what information you are being asked for or releasing.
Security thoughts poste by the Techs from E2 Computers in Tarpon Springs, FL and on the web at www.end2endsupport.com.
