The J2 Cyber Security Centre team and Technical team had numerous requests to review if there was an issue as to why they were receiving these. These types of emails are targeted at generic accounts such as info@, contact and in some instances to direct email accounts.
info@, contact and in some instances to direct email accounts.
In order to make sure that you do not become a victim we can provide further analysis of this attempt. The attack starts with an email stating that you have failed delivery messages waiting to retrieved.
We detected that these mails came from known senders that regularly communicated with the recipient so the recipient would normally look at these as trusted senders or would be added to company whitelisting. It also points to 3rd party compromise.
The email contains a link to retrieve these messages now, after clicking on the link it will ask you to input your mailbox credentials.
- Hits: 79