Green Mouse Computing will be closed for the three days between the Easter and ANZAC weekends (as well as the Easter and ANZAC weekends). 

This means we will be closed from the 18th to the 27th of April, opening again on the 28th of April.

07 827 7119
Shape Created with Sketch.
All
Phishing emailsMicrosoft 365Windows 11EmailScamsMicrosoftScamBitlockerComputer securityFacebookHoliday HoursMonitorsNorton Anti-virusPasswordsPhishing scamsWindows updatesAccount breachAdsAttachment scamAvePoint BackupBusiness PreparednessComputer HardwareComputer settingsComputer specificationsComputer UpdatesComputersCopyright ScamCovid 19CrowdStrike outageData encryptionData recoveryDeleted ItemsDrive securityDropboxEmail AddressEmail scamsFaceBook MessengerFile ExplorerFoldersFree mouseGamilHP ProBook 455 G10HP ProBook 650 G5Identity TheftIMAPIRDISP Email AddressesKnown sendersLandlinesMicrosoft accountMS365New email addressNotification centreOnline SafetyOpening HoursOutlookOutlook.comPhishing emailPhishing scamPhone scamsPOP3QR codesRefurbished laptopRestartSaleScam emailScam emailsScan to emailScanningScarewareSecuritySecurity softwareTrojan horseVaccine PassportVirusWindowsWindows 10Working from Home
TAGS

High Risk Attachment Scam

A very high risk and effective attachment scam is going around at the moment. We've had two clients attacked by it just recently so I want to provide a run down so everyone can be aware of what is happening.

In both cases the malicious software arrived via email and appeared in the form of an email attachment. One was a OneNote attachment, and the other was a DropBox file share, but they were clearly variations of the same scam. 

Here's how it works:

You receive an email from a known contact, maybe even someone you were expecting an email from. It contains an attachment or a shared file that appears to be from a trusted application. You click on the attachment but it doesn't open, instead you're directed to sign into your Microsoft Account. So you do so, but the file still doesn't open. What does happen, in the background, is that the scammers now have access to your (or your company's) SharePoint system, and your email address. Then they take your email address and start sending out more scam emails to everyone you've ever emailed. They also divert your incoming emails to an unused folder in your inbox (RRS feeds is a popular choice), so that they can intercept your mail and impersonate you to try to steal money from you and people you know. Access to your SharePoint system will also allow them to delete and ransom your data, open backdoors you don't even know about, or gain access to the accounts and emails of other users. Basically, it's the worst-case scenario for your security and it's become incredibly sophisticated. 

Why is it so effective?

Because these emails are coming from known contacts, and because it generates a Microsoft 365 login box which can steal your username and password, and not even multi-factor authentication will save you if you take your phone and authenticate the login voluntarily. 

What should I look out for?

Any attachment in an email which, upon attempting to open, asks you to log into your Microsoft 365 account. Even if the email has come from a known, trusted sender, even if you were expecting an email attachment from them.

What should I do?

Be very suspicious of every email attachment. If you do open one and it doesn't automatically open, DO NOT enter your MS365 login details. Call us instead.



Green Mouse | 16 Dick St, Cambridge | 07 827 7119
POWERED BY ROCKETSPARK