Urgent: Phishing Alert

Yesterday we worked with multiple clients that fell for a highly convincing phishing attack. Due to how successful it was, we wanted to get the warning out and help reduce the number of people that fall for it in the future:

We have removed the company details, but this message came from a legitimate business within the same industry as the victims and had all the correct logos, addresses, and signatures. Their e-mail system had been compromised and used to attack many other companies in the industry. There was no way you could tell by looking that the message was malicious. Once you click on the link or the attachment, it asks for YOUR e-mail credentials to decrypt the message. Once you put that information in, the bad actors have full access to your e-mail account.

Here are the three things you can do to help prevent falling for this attack:

1. Even though it is highly convincing, if you are not expecting a secure message, call the sender and confirm that they sent it.
2. Secure e-mail systems will NEVER ask for your primary account credentials to decrypt. Decryption requires you to set up a new account in the secure mail system or use the password that the sender provided. BE VERY CAREFUL ANY TIME THAT YOUR ARE REQUESTED TO ENTER YOUR E-MAIL USERNAME AND PASSWORD.
3. Finally, if you have to check it (and we recommend you do not), try entering bad credentials first. I do this every time I receive any message asking for credentials.  The reason? The bad actors don’t know what your password is - they are just collecting information. If you put in junk and it allows you in, you know that they were trying to steal credentials.

If you do fall for this attack, please reach out to Element right away. We are here to help.