Acumen would like to warn of recent phishing scams, or email attacks, that we have seen in our Security Response Center. In some cases, these domains are whitelisted as legitimate organizations, have been released by employees from Quarantine, or the Spam filtering systems do not detect these for a few hours until their security teams realize the nature of the threat. These are a more sophisticated variation of Phishing Attacks that convince employees to take an action that activates an attack such as Ransomware. (Ransomware encrypts your files and charges a ransom to decrypt them. In many cases, paying the requested ransom does not decrypt the files.)
You will see below this message samples of phishing scams. These email attacks convincingly appear to come from major common vendors such as UPS, Intuit Quickbooks, NetSuite accounting, etc.
These emails have an Excel macro document that encourages employees to click a button in the Excel document activating a malicious attack. They will also have invalid web links to malicious web sites that are not owned by the sending organization.
Typically, an employee can detect these attacks by looking carefully at the From address. However, in these cases, the From address looks legitimate.
This is a new email attack mechanism that has not been commonly seen before now.
We recommend sending to your staff. To further help with this matter, Acumen offers brief phishing scam training for your staff.
To set up training for your staff, or with any questions, please call Acumen Consulting at 314-333-3330 or email firstname.lastname@example.org.