More Social Engineering

Larry was the recipient on this one. The subject line said ‘Attention Required! FinancialStatement | SecureMail | Review Copy’ and included the day and time sent. The ‘sender’ said it was from ‘DirectNotifyCenter, glenn@lec.com.’

Good news—before opening the email, the banner says ‘You don’t often get email from glenn@lec.com…’ reminding us that we don’t know this sender. Since he was curious, Larry checked out lec.com just to see what it was. He said it was empty, just a filler and not well done.

The message said ‘Hello lawendt’ which is odd, then indicated there was an updated financial statement for ‘Syscon-inc’ covering ‘6months.’ It said this version included necessary revisions and corrections and just ‘click the link’ to view the messages.

The final paragraph had a nice title section, ‘Why did I receive this email?’ which looked very official. It went on to say the email filtering service is provided by Electrical & Computer Resources, LLC (which isn’t true for us and is not a company we’ve ever heard of).

Warn your team members! I doubt your typical employees would take the time to read all the way down to find that fake company name, but hopefully a few other things would jump out at them, and they would be suspicious. At a minimum, share the reminder NOT to click on any of these links! If anyone is unsure, call our office before taking any additional steps and we’ll check it out! —CMW